文書番号: 000194652

DSA-2021-276: Dell EMC OpenManage Enterprise Services Security Update for Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

概要: Dell EMC OpenManage Enterprise Services remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability. (Note: OpenManage Services is not affected by CVE-2021-45105). ...

文書の内容

影響

Critical

詳細

Third-party Component	CVEs	More information
Apache Log4j	CVE-2021-44228	Apache Log4j Remote Code Execution
Apache Log4j	CVE-2021-45046	Apache Log4j Remote Code Execution

Third-party Component	CVEs	More information
Apache Log4j	CVE-2021-44228	Apache Log4j Remote Code Execution
Apache Log4j	CVE-2021-45046	Apache Log4j Remote Code Execution

デル・テクノロジーズでは、すべてのお客様に対して、CVSSベーススコアに加えて、特定のセキュリティの脆弱性に付随する潜在的な重要度に影響する可能性のある現状スコアや環境スコアも考慮することをお勧めしています。

影響を受ける製品と修復

Product	Affected Versions	Updated Versions	Link to Update
Dell EMC OpenManage Enterprise Services	Version 1.2 and earlier.	1.2.1	https://www.dell.com/support/home/en-us/drivers/driversdetails?driverid=0w96t Or If the Updates are enabled to download from dell.com, check for Updates in “Console and Plugins” page of OpenManage Enterprise and install version 1.2.1. Or If the updates are enabled on internal network share then, download the artifacts from: https://downloads.dell.com/openmanage_enterprise/plugins/saep/plugins_catalog.json https://downloads.dell.com/openmanage_enterprise/plugins/saep/plugins_catalog.json.asc https://downloads.dell.com/openmanage_enterprise/plugins/saep/archives/ome_saeplugin_1.2.1.tar.gz

Product	Affected Versions	Updated Versions	Link to Update
Dell EMC OpenManage Enterprise Services	Version 1.2 and earlier.	1.2.1	https://www.dell.com/support/home/en-us/drivers/driversdetails?driverid=0w96t Or If the Updates are enabled to download from dell.com, check for Updates in “Console and Plugins” page of OpenManage Enterprise and install version 1.2.1. Or If the updates are enabled on internal network share then, download the artifacts from: https://downloads.dell.com/openmanage_enterprise/plugins/saep/plugins_catalog.json https://downloads.dell.com/openmanage_enterprise/plugins/saep/plugins_catalog.json.asc https://downloads.dell.com/openmanage_enterprise/plugins/saep/archives/ome_saeplugin_1.2.1.tar.gz

変更履歴

Revision	Date	Description
1.0	2021-12-20	Initial Release

関連情報

法的情報

文書のプロパティ

影響を受ける製品

OpenManage Enterprise Services

製品

Product Security Information

最後に公開された日付

20 12月 2021

文書の種類

Dell Security Advisory

トップに戻る