Date Published: 2022-06-21
QID 376555: IBM Sterling Connect Direct Log4Shell Vulnreability
By sending a specially crafted code string, an attacker could exploit this vulnerability to load arbitrary Java code on the server and take complete control of the system
CVE-2021-44228: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against attacker controlled LDAP and other JNDI related endpoints by JNDI features.
Sterling Connect Direct 18.104.22.168
IBM Connect Direct 22.214.171.124
IBM Connect Direct 126.96.36.199
IBM Connect Direct 188.8.131.52 and 184.108.40.206
QID Detection Logic (Authenticated):
The authenticated check looks for the installed path and running process using WMI query.
An attacker could exploit this vulnerability to load arbitrary Java code on the server and take complete control of the system.
- 6528324 - www.ibm.com/support/pages/node/6528324
CVEs related to QID 376555