Apache Log4j (CVE-2021-45105, CVE-2021-4104, CVE-2021-44228, CVE-2021-45046) is used by IBM Watson Machine Learning Accelerator as part of its logging infrastructure. The fix includes Apache Log4j v2.17.1.
Refer to the security bulletin(s) listed in the Remediation/Fixes section
Affected Product(s) | Version(s) |
---|---|
IBM Watson Machine Learning Accelerator | 1.2.2; 1.2.3 |
IBM Watson Machine Learning Accelerator | 2.2.0; 2.2.1 |
IBM Watson Machine Learning Accelerator | 2.3.0; 2.3.1; 2.3.2; 2.3.3; 2.3.4 |
IBM strongly recommends addressing the vulnerability now.
Affected Product(s) | Version(s) | Remediation |
---|---|---|
IBM Watson Machine Learning Accelerator | 1.2.2; 1.2.3 | 1.2.2 fix patch: wmla-1.2.2-build600973 |
1.2.3 fix patch: dli-1.2.3-build600964-wmla |
IBM Watson Machine Learning Accelerator
| 2.2.0; 2.2.1| To address the vulnerabilities upgrade to IBM Watson Machine Learning Accelerator 2.2.2: <https://www.ibm.com/docs/en/cloud-paks/cp-data/3.5.0?topic=accelerator-upgrading-watson-machine-learning>
IBM Watson Machine Learning Accelerator| 2.3.0; 2.3.1; 2.3.2; 2.3.3; 2.3.4| To address the vulnerabilities upgrade to IBM Watson Machine Learning Accelerator 2.3.5: <https://www.ibm.com/docs/en/wmla/2.3?topic=installation-install-upgrade>
None