log4j question

Sorry, it looks like the Log4j is related to Storage manger of Our SAN and not Open manage. still question remining is, is there any patch for this product?

Thanks 

The issue was discovered on 12/10 and is being evaluated in our product portfolio, at this point in time. The NIST website has mitigation steps hosted on their page, but there is no software patch available yet.

The second provided link is a Dell article with additional information, including affected products, unaffected products, and those currently under review. There is also a link to the Dell Security Advisory page, which will provide more information as it becomes available.

https://dell.to/3m5aOh3

https://dell.to/3m5aOO5

thanks for update,

Dell affected procduct documents says that Storage Center is not affected, we are usein Dell EMC storage center client to manage our SAN, is this the same as storage center?

Thanks

I believe it is the same product, yes. The only other product with a similar name that I can think of is the Compellent Storage Center OS. 

Storage Center is the OS running on Compellent SANs. Storage Manager is the application used to connect to and manage Compellent SANs. They are two separate products. Storage Center has been confirmed to be unaffected.

To my knowledge Dell has not released information on Storage Manager but it does appear to have the affected version of log4j. We've removed the class manually while we wait for official guidance/patching from Dell.

Hi, Thank you for your reply, we have Storage manager client on some of our servers and I can see that Dell still did not come up with any patch. How did you remove the class manually for this product?

Thanks