IBM Data Management Community Connect with Db2, Informix, Netezza, open source, and other data experts to gain value from your data, share insights, and solve problems. Join / Log in
A recent security vulnerability has been identified regarding Apache log4j, known as CVE-2021-44228 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228).
The vulnerability only applies to log4j versions greater than v2.0 and <= v2.14.1.
MDM Standard and Advanced Editions do NOT use log4j version 2.x, we are currently on version 1.x. Therefore this vulnerability does not apply to MDM.
We are continuing to investigate the impact and potential resolution of the Log4J vulnerability.
At this moment we do not have a specific statement apart from:
As soon as we have a document/steps we will make it public and share it with our customers who have enquired about the issue.