Skip to main content
Start a Conversation

Solved!

Go to Solution

DELL - Rod K

Moderator

 • 

181 Posts

1053

December 16th, 2021 12:00

APACHE log4j vulnerability

Here are key references:

For information:

Dell article 000194416  "Additional Information for Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)", located here:

https://www.dell.com/support/kbdoc/en-us/000194416/additional-information-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228

 

For remediation:

Dell KB 000194520 "PowerProtect DP Series appliance and IDPA: Apache log4j CVE-2021-44228 Remediation for versions 2.3.x, 2.4.x, 2.5, 2.6.x, and 2.7 [All Models]", located here:

https://www.dell.com/support/kbdoc/en-us/000194520/powerprotect-dp-series-appliance-and-idpa-apache-log4j-cve-2021-44228-remediation-for-versions-2-3-x-2-4-x-2-5-2-6-x-and-2-7-all-models

 

Please attempt the steps provided and then if any issues, please open a Support ticket and provide your availability so we can schedule it asap.

*Note: Please DO NOT apply any separate KBs for standalone products, such as Avamar. Only do the above for IDPA specifically.

Questions and contributions are welcome from all.

 

If you found this useful please give KUDOS to help others find the information also.

thanks

 

DELL - Rod K

Moderator

 • 

181 Posts

January 20th, 2022 15:00

Replying to mark TOTAL OF ALL PREVIOUS POSTS IN THIS DISCUSSION as the SOLUTION.

But please continue to post any questions/comments.

DELL - Rod K

Moderator

 • 

181 Posts

December 19th, 2021 09:00

We have a script to automate the whole thing but I found out it is not yet ready for release to customers run themselves, so for now you can either do the above steps manually or contact Support to run the script.

I will update this as soon as the script is released for customers to run.

 

Questions and contributions are welcome from all.

If you found this useful please give KUDOS to help others find the information also.

thanks

 

DELL - Rod K

Moderator

 • 

181 Posts

December 28th, 2021 10:00

The script to automate the remediation for all affected IDPA components is now available to customers on the original KB link as seen below! It was actually available since Dec 23. Please follow the KB (being updated frequently) and open a Support case if any issues.   

https://www.dell.com/support/kbdoc/en-us/000194520/powerprotect-dp-series-appliance-and-idpa-apache-log4j-cve-2021-44228-remediation-for-versions-2-3-x-2-4-x-2-5-2-6-x-and-2-7-all-models

Questions and contributions are welcome from all.

If you found this useful please give KUDOS to help others find the information also.

thanks

View More

View All

No Events found!

Top