DSA-2021-270: Enterprise Hybrid Cloud Security Update for Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
Shrnutí: Enterprise Hybrid Cloud remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability. ...
Tento článek se vztahuje na
Tento článek se nevztahuje na
Tento článek není vázán na žádný konkrétní produkt.
V tomto článku nejsou uvedeny všechny verze produktu.
Vliv
Critical
Podrobnosti
| Third-party Component | CVE | More information |
| Apache log4j | CVE-2021-44228 | Apache Log4j Remote Code Execution DSN-2021-007: Dell Response to Apache Log4j Remote Code Execution Vulnerability |
| Third-party Component | CVE | More information |
| Apache log4j | CVE-2021-44228 | Apache Log4j Remote Code Execution DSN-2021-007: Dell Response to Apache Log4j Remote Code Execution Vulnerability |
Dotčené produkty a náprava
Enterprise Hybrid Cloud 4.1.2 workflows is not impacted by this advisory, including packages Update 1 through 8.
Monitor the following advisories and apply workaround guidance and remediations as they become available:
Note: Dell EMC RecoverPoint for Virtual Machines plugin is not impacted by this advisory, all packages Update 1 through 8 are covered.
Monitor the following advisories and apply workaround guidance and remediations as they become available:
| CVE Addressed | Products | Link to Update |
| CVE-2021-44228 | VMware vCenter Server Appliance | VMSA-2021-0028.3 |
| VMware vRealize Automation 7.x | ||
| VMware vRealize Orchestrator 7.x | ||
| VMware NSX for Data Center for vSphere 6.x | ||
| VMware vRealize Log Insight 8.x | ||
| VMware vRealize Business for Cloud 7.x | ||
| Dell EMC Data Domain OS | DSA-2021-274 |
|
| Dell EMC Avamar | DSA-2021-277 | |
| Dell EMC VxRail | DSA-2021-265 | |
| VxBlock | See vce6771 (requires customer login) | |
| Dell EMC Unity | Monitor Knowledge Baste Article 194414 for advisory publication: https://www.dell.com/support/kbdoc/en-uk/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability | |
| Dell EMC RecoverPoint for Virtual Machines | DSA-2021-284 |
Note: Dell EMC RecoverPoint for Virtual Machines plugin is not impacted by this advisory, all packages Update 1 through 8 are covered.
Enterprise Hybrid Cloud 4.1.2 workflows is not impacted by this advisory, including packages Update 1 through 8.
Monitor the following advisories and apply workaround guidance and remediations as they become available:
Note: Dell EMC RecoverPoint for Virtual Machines plugin is not impacted by this advisory, all packages Update 1 through 8 are covered.
Monitor the following advisories and apply workaround guidance and remediations as they become available:
| CVE Addressed | Products | Link to Update |
| CVE-2021-44228 | VMware vCenter Server Appliance | VMSA-2021-0028.3 |
| VMware vRealize Automation 7.x | ||
| VMware vRealize Orchestrator 7.x | ||
| VMware NSX for Data Center for vSphere 6.x | ||
| VMware vRealize Log Insight 8.x | ||
| VMware vRealize Business for Cloud 7.x | ||
| Dell EMC Data Domain OS | DSA-2021-274 |
|
| Dell EMC Avamar | DSA-2021-277 | |
| Dell EMC VxRail | DSA-2021-265 | |
| VxBlock | See vce6771 (requires customer login) | |
| Dell EMC Unity | Monitor Knowledge Baste Article 194414 for advisory publication: https://www.dell.com/support/kbdoc/en-uk/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability | |
| Dell EMC RecoverPoint for Virtual Machines | DSA-2021-284 |
Note: Dell EMC RecoverPoint for Virtual Machines plugin is not impacted by this advisory, all packages Update 1 through 8 are covered.
Zástupná řešení a opatření pro zmírnění rizik
Follow workaround and mitigation information in articles and advisories linked in the Affected Products and Remediation section.
Historie změn
| Revision | Date | Description |
| 1.0 | 2021-12-14 | Initial Release |
| 1.1 | 2021-12-17 | Updated Content |
Související informace
Právní upozornění
Dotčené produkty
Enterprise Hybrid Cloud, Enterprise Hybrid CloudProdukty
Product Security InformationVlastnosti článku
Číslo článku: 000194490
Typ článku: Dell Security Advisory
Poslední úprava: 19 Sep 2025
Najděte odpovědi na své otázky od ostatních uživatelů společnosti Dell
Služby podpory
Zkontrolujte, zda se na vaše zařízení vztahují služby podpory.