QID 376555

Date Published: 2022-06-21

QID 376555: IBM Sterling Connect Direct Log4Shell Vulnreability

By sending a specially crafted code string, an attacker could exploit this vulnerability to load arbitrary Java code on the server and take complete control of the system

CVE-2021-44228: Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the failure to protect against attacker controlled LDAP and other JNDI related endpoints by JNDI features.
Affected Versions:
Sterling Connect Direct 4.8.0.3
IBM Connect Direct 6.0.0.3
IBM Connect Direct 6.1.0.1
IBM Connect Direct 6.2.0.0 and 6.2.0.1

QID Detection Logic (Authenticated):
The authenticated check looks for the installed path and running process using WMI query.

An attacker could exploit this vulnerability to load arbitrary Java code on the server and take complete control of the system.

  • CVSS V3 rated as Critical - 10 severity.
  • CVSS V2 rated as Critical - 9.3 severity.
  • Solution
    Newer versions are available to download. For more information about this product or to check for new releases, go to the 6528324.
    Vendor References

    CVEs related to QID 376555

    Software Advisories
    Advisory ID Software Component Link
    6528324 Windows URL Logo www.ibm.com/support/pages/node/6528324