DSA-2021-280: Dell NetWorker Security Update for Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105)

详细文章

影响

详情

受影响的产品和补救措施

修订历史记录

摘要: Dell NetWorker remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell Technologies recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability. ...

本文适用于本文不适用于本文并非针对某种特定的产品。本文并非包含所有产品版本。

查看其他资源

影响

Critical

详情

Third-party Component	CVEs	More information
Apache Log4j	CVE-2021-44228	Apache Log4j Remote Code Execution
Apache Log4j	CVE-2021-45046 CVE-2021-45105	Apache Log4j Remote Code Execution

Third-party Component	CVEs	More information
Apache Log4j	CVE-2021-44228	Apache Log4j Remote Code Execution
Apache Log4j	CVE-2021-45046 CVE-2021-45105	Apache Log4j Remote Code Execution

Dell Technologies 建议所有客户考虑 CVSS 基本分数以及任何相关的时间和环境分数，这可能会影响与特定安全漏洞相关的潜在严重程度。

受影响的产品和补救措施

Product	Affected Versions	Updated Versions	Link to Update
NetWorker Server	19.5.x	19.5.0.5,19.6.0 And Later Versions	https://www.dell.com/support/home/en-ca/product-support/product/networker/drivers
NetWorker Server	19.4.x	19.4.0.6
NetWorker Virtual Edition	19.5.x	19.5.0.5,19.6.0 And Later Versions	https://www.dell.com/support/home/en-ca/product-support/product/networker/drivers Note: Only NVE for VMware and upgrade images are available for download.
NetWorker Virtual Edition	19.4.x	19.4.0.6

Note:

NetWorker Storage Node, NetWorker Client, NetWorker Management Console, NetWorker Management UI, NetWorker CloudBoost, and NetWorker vProxy are not vulnerable.
NetWorker 19.1.x, 19.2.x, and 19.3.x are not vulnerable.

Product	Affected Versions	Updated Versions	Link to Update
NetWorker Server	19.5.x	19.5.0.5,19.6.0 And Later Versions	https://www.dell.com/support/home/en-ca/product-support/product/networker/drivers
NetWorker Server	19.4.x	19.4.0.6
NetWorker Virtual Edition	19.5.x	19.5.0.5,19.6.0 And Later Versions	https://www.dell.com/support/home/en-ca/product-support/product/networker/drivers Note: Only NVE for VMware and upgrade images are available for download.
NetWorker Virtual Edition	19.4.x	19.4.0.6

Note:

NetWorker Storage Node, NetWorker Client, NetWorker Management Console, NetWorker Management UI, NetWorker CloudBoost, and NetWorker vProxy are not vulnerable.
NetWorker 19.1.x, 19.2.x, and 19.3.x are not vulnerable.

修订历史记录

Revision	Date	Description
1.0	2021-12-15	Workaround
1.1	2021-12-17	Workaround update
1.2	2021-12-23	Patch added
1.3	2021-12-27	19.3 added as not vulnerable
1.4	2022-01-03	updated additional CVE addressed
1.5	2022-01-11	added 19.6 release to Affected Products and Remediation table
1.6	2022-01-14	updated 19.4 release, removed workaround
1.7	2022-11-29	Minor change in Updated Version Section

法律免责声明

受影响的产品

NetWorker Family, NetWorker, Product Security Information

文章编号: 000194541

文章类型: Dell Security Advisory

上次修改时间: 05 12月 2022

DSA-2021-280: Dell NetWorker Security Update for Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105)

影响

详情

受影响的产品和补救措施

修订历史记录

相关信息

法律免责声明

受影响的产品

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

DSA-2021-280: Dell NetWorker Security Update for Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105)

详细文章

影响

详情

受影响的产品和补救措施

修订历史记录

相关信息

法律免责声明

受影响的产品

影响

详情

受影响的产品和补救措施

修订历史记录

相关信息

法律免责声明

受影响的产品

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

文章属性

从其他戴尔用户那里查找问题的答案

支持服务

DSA-2021-280: Dell NetWorker Security Update for Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105)