Professional Documents
Culture Documents
Patch description:
11.0p270 is an appliance bundle that includes a fix for Log4j 2.17.1 in the UI components of the
Guardium system. To resolve Log4j 2.17.1 in the IBM Spectrum Protect (TSM) client, you must also
download and install patch 11.0p1013 by using the following link: patch 11.0p1013
Prerequisites:
• Guardium 11.0p200. See release notes for patch v11.0p200.
• The latest health check patch 11.0p9997
Notes:
• This patch restarts the Guardium system.
• Install this patch on all appliances in a top-down manner, starting with the Central Manager, then
Aggregators, and then the Collectors.
• Install this patch during the "quiet" time on the appliance.
• If the downloaded package is in .ZIP format, customers are required to extract it outside
Guardium appliance before uploading/ installing it.
1
Bug Fixes
Known Limitation
2
Security Fixes
3
GRD-55658 PSIRT: PVR0295278 - Kafka - CVE-2021-38153 CVE-2021-38153
(Publicly disclosed vulnerability)
GRD-54707 PSIRT: PVR0308399 - IBM SDK, Java CVE-2021-2388
Technology Edition Quarterly CPU - Oct 2021 -
Includes Oracle Oct 2021 CPU CVE-2021-2369
CVE-2021-2432
CVE-2021-2341
CVE-2021-35560
CVE-2021-35586
CVE-2021-35578
CVE-2021-35564
CVE-2021-35559
CVE-2021-35556
CVE-2021-35565
CVE-2021-35588
CVE-2021-41035
GRD-48544 PSIRT: 254743 - SE - Pen Test 2020 - CVE-2021-20377
Application Error in IBM Security Guardium
IBM Guardium Version 11.0 Licensed Materials - Property of IBM. © Copyright IBM Corp. 2002, 2022. US Government Users
Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
IBM, the IBM logo, and ibm.com® are trademarks or registered trademarks of International Business Machines Corp., registered in
many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of
IBM trademarks are available on the web at “Copyright and trademark information” (www.ibm.com/legal/copytrade.shtml)