The official site for Saudi CERT
DELL EMC Updates
2538
Warning Date
Severity Level
Warning Number
Target Sector
19 December, 2021
● Critical
2021-4092
All
Description:
DELL EMC has released security updates to address the Apache log4j vulnerability in the following products:
- Virtual Edge Platform with Versa Concerto
- Virtual Edge Platform with Versa Analytics
- Virtual Edge Platform with Versa Concerto Director
- Secure Connect Gateway - Virtual Edition
- Secure Connect Gateway - Application Edition
- VNXe3200
- VNXe1600
- Dell EMC SMR
- Dell EMC SRM
- Dell EMC Ruckus SmartZone 100 Controller
- Dell EMC Ruckus SmartZone 300 Controller
- Dell EMC Ruckus Virtual Software
- Dell EMC SupportAssist Enterprise (SAE)
- Dell EMC Secure Connect Gateway (SCG)
- vRealize Data Protection Extension for vRealize Automation (vRA) 8.x
- VMware vRealize Automation 8.x
- VMware vRealize Orchestrator 8.x
- Dell EMC ECS
- vRO Plugin for Dell EMC PowerMax
- vRO Plugin for Dell EMC PowerScale
- vRO Plugin for Dell EMC PowerStore
- vRO Plugin for Dell EMC Unity
- vRO Plugin for Dell EMC XtremIO
- Dell EMC BSN Controller Node
- Dell EMC Data Protection Search
- Dell EMC Metro Node
Threats:
A remote attacker could exploit this vulnerability by executing arbitrary code.
Best practice and Recommendations:
The CERT team encourages users to review DELL EMC security advisory and apply the necessary updates:
- https://www.dell.com/support/kbdoc/en-us/000194621/dsa-2021-304-dell-emc-networking-virtual-edge-platform-with-versaos-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228
- https://www.dell.com/support/kbdoc/en-us/000194624/dsa-2021-282-dell-emc-secure-connect-gateway-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228
- https://www.dell.com/support/kbdoc/en-us/000194606/dsa-2021-298-dell-emc-vnxe3200-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228
- https://www.dell.com/support/kbdoc/en-us/000194605/dsa-2021-299-dell-emc-vnxe1600-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228
- https://www.dell.com/support/kbdoc/en-us/000194613/dsa-2021-301
- https://www.dell.com/support/kbdoc/en-us/000194616/dsa-2021-303-dell-emc-ruckus-wireless-controller-and-virtual-software-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228
- https://www.dell.com/support/kbdoc/en-us/000194622/dsa-2021-307-dell-emc-integrated-system-for-azure-stack-hci-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228
- https://www.dell.com/support/kbdoc/en-us/000194614/dsa-2021-290-dell-emc-vrealize-data-protection-extension-for-vrealize-automation-vra-8-x-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228
- https://www.dell.com/support/kbdoc/en-us/000194612/dsa-2021-273-dell-emc-ecs-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228
- https://www.dell.com/support/kbdoc/en-us/000194610/dsa-2021-300
- https://www.dell.com/support/kbdoc/en-us/000194631/dsa-2021-305-dell-emc-bsn-controller-node-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228
- https://www.dell.com/support/kbdoc/en-us/000194629/dsa-2021-279-dell-emc-data-protection-search-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228
- https://www.dell.com/support/kbdoc/en-us/000194630/dsa-2021
Rate the content
Share the page
