Security KB
Apache Publication: Apache Log4j Remote Code Execution
CVE Details: CVE-2021-44228
Dell is reviewing the recently published Apache Log4j Remote Code Execution vulnerability being tracked in CVE-2021-44228 and assessing impact on our products. The security of our products is a top priority and critical to protecting our customers.
Dell continues to provide updates regarding impacted and not impacted products. Customers are encouraged to revisit this article regularly to see the latest product status as it becomes available. For additional questions about Apache Log4j, review the Q&A Dell article 194416: Additional Information for Apache Log4j Remote Code Execution Vulnerability.
Vulnerable Products
The following products are confirmed as impacted by the Apache Log4j vulnerability:
| Product |
Mitigation/Workaround |
Security Update Release Timeline |
| APEX Console |
|
Cloud environment patched |
| APEX Data Storage Services |
|
Cloud environment patched |
| Cloud IQ |
|
Cloud environment patched |
| Connectrix (Cisco MDS DCNM) |
|
See DSA-2021-302 |
| Connectrix B-Series SANnav |
|
See DSA-2021-266 |
| Data Domain OS |
|
See DSA-2021-274 |
| Dell EMC Avamar |
|
Patches in progress, see DSA-2021-277 for available patches
|
| Dell EMC BSN Controller Node |
|
See DSA-2021-305 |
| Dell EMC Cloud Disaster Recovery |
|
See DSA-2021-289 |
| Dell EMC Data Protection Advisor |
|
See DSA-2021-309 |
| Dell EMC Data Protection Central |
|
See DSA-2021- 269
|
| Dell EMC Data Protection Search |
|
See DSA-2021-279 |
| ECS |
|
See DSA-2021-273 |
| Enterprise Hybrid Cloud |
|
See DSA-2021-270 |
| Dell EMC Enterprise Storage Analytics for vRealize Operations |
|
See DSA-2021-278
|
| Dell EMC Integrated System for Azure Stack HCI |
|
See DSA-2021-307
|
| Dell EMC Integrated System for Microsoft Azure Stack Hub |
|
See DSA-2022-033 |
| Dell EMC Metro Node |
|
See DSA-2021-308 |
| Dell EMC NetWorker |
|
See DSA-2021-280 |
| Dell EMC NetWorker VE |
|
See DSA-2021-280 |
| Dell EMC OpenManage Enterprise Modular |
|
See DSA-2021-268 |
| Dell EMC OpenManage Enterprise Services |
|
See DSA-2021-276 |
| Dell EMC OpenManage Enterprise
|
|
See DSA-2021-275
|
| Dell EMC PowerFlex Appliance |
|
See DSA-2021-293 |
| Dell EMC PowerFlex Software (SDS)
|
|
See DSA-2021-272 |
| Dell EMC PowerFlex Rack |
|
See DSA-2021-292
|
| Dell EMC PowerProtect Data Manager |
|
See DSA-2021-286 |
| Dell EMC PowerProtect DP Series Appliance (iDPA) |
|
See DSA-2023-416 |
| Dell EMC PowerStore |
|
See DSA-2021-295 |
| Dell EMC RecoverPoint |
|
See DSA 2021-284 |
| Dell EMC Ruckus SmartZone 300 Controller |
|
See DSA-2021-303 |
| Dell EMC Ruckus SmartZone 100 Controller |
|
See DSA-2021-303 |
| Dell EMC Ruckus Virtual Software |
|
See DSA-2021-303 |
| Dell EMC SRM |
|
See DSA-2021-301 |
| Dell EMC Streaming Data Platform |
|
See DSA-2021-297 |
| Dell EMC Unity |
|
See DSA-2021-294 |
| Dell EMC vProtect |
|
See DSA-2022-007 |
| Dell EMC VxRail |
|
See DSA-2021-265 |
| Dell EMC XC |
|
See DSA-2021-311 |
| Secure Connect Gateway (SCG) Appliance |
|
See DSA-2021-282 |
| Secure Connect Gateway (SCG) Policy Manager |
|
See DSA-2021-281 |
| SRS Policy Manager |
|
See DSA-2021-287 |
| Storage Center - Dell Storage Manager |
|
See DSA-2021-310 |
| SupportAssist Enterprise |
|
See DSA-2021-283 |
| Unisphere Central |
|
See DSA-2021-296 |
| Converged Infrastructure (vblock, VxBlock, VxBlock Central, AMPs, Data Protection, Tech Extensions |
See vce6819 (requires customer login) |
See vce6819 for update
|
| VNXe 1600 |
|
See DSA-2021-299 |
| VNXe 3200 |
|
See DSA-2021-298
|
| vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage |
|
See DSA-2021-300 |
| vRealize Data Protection Extension Data Management |
|
See DSA-2021-290 |
| Wyse Management Suite |
|
See DSA-2021-267 |
Products Confirmed Not Vulnerable
The following products are not impacted by the Apache Log4j vulnerability:
Alienware Command Center
Alienware OC Controls
Alienware On Screen Display
Alienware Update
Ansible for Dell EMC Storage
Atmos
Avamar vproxy
CalMAN Powered Calibration Firmware
CalMAN Ready for Dell
Centera
Chassis Management Controller (CMC)
China HDD Deluxe
CloudIQ Collector
Cloud Mobility for Dell EMC Storage
Cloud Tiering Appliance
Common Event Enabler
Connectrix (Cisco MDS 9000 switches)
Connectrix B Series
CyberSense for PowerProtect Cyber Recovery
Dell BSAFE Crypto-C Micro Edition
Dell BSAFE Crypto-J
Dell BSAFE Micro Edition Suite
Dell Calibration Assistant
Dell Cinema Color
Dell Client Platforms (Latitude, OptiPlex, Alienware, Inspiron, Precision, XPS, Vostro, ChengMing) BIOS
Dell Cloud Command Repository Manager
Dell Cloud Management Agent
Dell Color Management
Dell Command Configure
Dell Command Integration Suite for System Center
Dell Command Intel vPro Out of Band
Dell Command Monitor
Dell Command Power Manager
Dell Command PowerShell Provider
Dell Command Update
Dell Customer Connect
Dell Data Guardian*
Dell Data Protection*
Dell Data Recovery Environment
Dell Data Vault
Dell Data Vault for Chrome OS
Dell Deployment Agent
Dell Digital Delivery
Dell Direct USB Key
Dell Display Manager 1.5 for Windows / macOS
Dell Display Manager 2.0 for Windows / macOS
Dell EMC AppSync
Dell EMC Cloudboost
Dell EMC CloudLink
Dell EMC Container Storage Modules
Dell EMC Data Computing Appliance (DCA)
Dell EMC DataIQ
Dell EMC Disk Library for Mainframe
Dell EMC GeoDrive
Dell EMC Isilon InsightIQ
Dell EMC License Manager
Dell EMC Networking Onie
Dell EMC Networking Virtual Edge Platform with VersaOS
Dell EMC OpenManage Ansible Modules
Dell EMC OpenManage integration for Splunk
Dell EMC OpenManage Integration for VMware vCenter
Dell EMC OpenManage Management Pack for vRealize Operations
Dell EMC OpenManage Operations Connector for Micro Focus Operations Bridge Manager
Dell EMC PowerMax, VMAX, VMAX3 and VMAX AFA
Dell EMC PowerPath
Dell EMC PowerPath Management Appliance
Dell EMC PowerProtect Cyber Recovery
Dell EMC PowerScale OneFS
Dell EMC PowerShell for PowerMax
Dell EMC PowerShell for Powerstore
Dell EMC PowerShell for Unity
Dell EMC PowerSwitch Z9264F-ON BMC, Dell EMC PowerSwitch Z9432F-ON BMC
Dell EMC PowerVault ME4 Series Storage Arrays
PowerVault MDSM
PowerVault ML3
PowerVault ML3e
PowerVault TL1000{}
PowerVault TL2k/4K
PowerVault ML6K
PowerVault LTO
PowerVault MD3
PowerVault MD14(xx)
PowerVault NX440
PowerVault NX3240
PowerVault NX3340
Dell EMC Repository Manager (DRM)
Dell EMC SourceOne
Dell EMC Systems Update (DSU)
Dell EMC Unisphere 360
Dell EMC Virtual Storage Integrator
Dell EMC VPLEX
Dell EMC XtremIO
Dell Encryption Enterprise*
Dell Encryption Personal*
Dell Endpoint Security Suite Enterprise
Dell Hybrid Client
Dell ImageAssist
Dell Insights Client
Dell Linux Assistant
Dell Memory Solutions
Dell Mobile Connect
Dell Monitor ISP (Windows/Mac/Linux)
Dell Monitor SDK
Dell Networking X-Series
Dell OpenManage Mobile
Dell OpenManage Server Administrator
Dell OpenManage Change Management
Dell OpenManage Enterprise Power Manager Plugin
Dell OpenManage Enterprise CloudIQ plugin
Dell OpenManage Inventory Agent (for Dell Servers)
Dell Optimizer
Dell OS Recovery Tool
Dell Peripheral Manager 1.4 / 1.5 for Windows
Dell Platform Service
Dell Power Manager
Dell Power Manager Lite
Dell Precision Optimizer
Dell Precision Optimizer for Linux
Dell Premier Color
Dell Recovery (Linux)
Dell Remediation Platform
Dell Remote Execution Engine (DRONE)
Dell Security Advisory Update - DSA-2021-088
Dell Security Management Server & Dell Security Management Server Virtual*
Dell Server Management Pack Suite-Open Server Manager
Dell SupportAssist SOS
Dell Thin OS
Dell Threat Defense
Dell True Color
Dell Trusted Device
Dell Update
Dream Catcher
DUP Creation Service
DUP Framework (ISG)
Embedded NAS
Embedded Service Enabler
Equallogic PS & PS Apps
Fluid FS
iDRAC Service Module (iSM)
Integrated Dell Remote Access Controller (iDRAC)
ISG Drive & Storage Media
IsilonSD Management Server
Mainframe Enablers
MDS
My Dell
MyDell Mobile
NetWorker Management Console
Networking BIOS
Networking N-Series
Networking OS 10
Networking OS9
Networking SD-WAN Edge SD-WAN
Networking W-Series
Networking X-Series
OMIMSSC (OpenManage Integration for Microsoft System Center)
OMIMSSC (OpenManage Integration for Microsoft System Center)
OMNIA
OpenManage Connections - Nagios
OpenManage Connections - ServiceNow
OpenManage Essentials
OpenManage Integration for Microsoft System Center for System Center Operations Manager
OpenManage Integration with Microsoft Windows Admin Center
OpenManage Network Integration
OpenManage Power Center
PowerConnect N3200
PowerConnect PC2800
PowerConnect PC8100
PowerEdge Accelerator Solutions
PowerEdge BIOS
PowerEdge Networking Solutions
PowerEdge Operating Systems
PowerEdge RAID Controller Solutions
PowerTools Agent
PPDM Kubernetes cProxy
PPDM VMware vProxy
Remotely Anywhere
Rugged Control Center (RCC)
SD ROM Utility
SDNAS
Smart Fabric Storage Software
SmartByte
SMI-S
Software RAID
Solutions Enabler
Solutions Enabler vApp
Sonic
SRS VE
Storage Center OS and additional SC applications unless otherwise noted
SupportAssist Client Commercial
SupportAssist Client Consumer
UCC Edge
Unisphere for PowerMax
Unisphere for PowerMax vApp
Unisphere for VMAX
Unisphere for VNX
Update Manager Plugin
ViPR Controller
VNX Control Station
VNX1
VNX2
VPLEX VS2/VS6 / VPLEX Witness
Vsan Ready Nodes
Wyse Proprietary OS (ThinOS)
Wyse Windows Embedded Suite
* See Dell KB article 194496: Additional Information for Dell Endpoint Security with regard to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228) for more information.
Any security updates or mitigations will be communicated at https://www.dell.com/support/security when they become available. You can subscribe to our Security Alerts to be notified when these Security Advisories are posted by following the guidance here, or by following the directions in the Security Alerts section on the Security Advisories and Notices page.