SPSS Statistics

SPSS Statistics

Your hub for statistical analysis, data management, and data documentation. Connect, learn, and share with your peers! 

 View Only

  • 1.  Apache Log4j 1.2 JMSAppender Remote Code Execution

    Posted Fri October 20, 2023 04:39 PM

    I am running an older version of SPSS statistics (version 24).  My organization tells me I have a vulnerability associated with Apache Log4j 1.2 JMSAppender Remote Code Execution.  Is there a patch for this  vulnerability?



    ------------------------------
    Martin Raphael
    ------------------------------


  • 2.  RE: Apache Log4j 1.2 JMSAppender Remote Code Execution

    Posted Tue October 24, 2023 06:00 PM

    Hi @Martin Raphael

    Unfortunately no.  IBM SPSS Statistics 24.0 had already been designated End of Support by the time this vulnerability was reported.  We did issue interim fix files for IBM SPSS Statistics 25.0 thru 28.0.1.0IBM SPSS Statistics 28.0.1.1 and later do not have this vulnerability.



    ------------------------------
    David Dwyer
    SPSS Technical Support
    IBM Software
    ------------------------------

    Original Message


  • 3.  RE: Apache Log4j 1.2 JMSAppender Remote Code Execution

    Posted Tue October 24, 2023 10:09 PM

    Thanks - I was afraid that might be the case.



    ------------------------------
    Martin Raphael
    ------------------------------

    Original Message


Related Content