DSA-2021-287: Dell EMC SRS Policy Manager Security Update for Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105)

Oversigt: Dell EMC SRS Policy Manager remediation is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability. ...

Denne artikel gælder for Denne artikel gælder ikke for Denne artikel er ikke knyttet til et bestemt produkt. Det er ikke alle produktversioner, der er identificeret i denne artikel.
Udforsk andre ressourcer

Virkning

Critical

Oplysninger

Third-party Component CVEs More information
Apache Log4j CVE-2021-44228 Apache Log4j Remote Code Execution
CVE-2021-45046
CVE-2021-45105
Third-party Component CVEs More information
Apache Log4j CVE-2021-44228 Apache Log4j Remote Code Execution
CVE-2021-45046
CVE-2021-45105
Dell Technologies anbefaler, at alle kunder tager hensyn til både CVSS-basisresultatet og alle relevante tidsmæssige og miljømæssige resultater, som kan have betydning for den potentielle alvorsgrad, der er forbundet med en bestemt sikkerhedsrisiko.

Berørte produkter og udbedring

Product Affected Version Updated Versions Link to Update
SRS Policy Manager 7.0 7.1 https://www.dell.com/support/home/en-us/product-support/product/emc-secure-remote-services/drivers

Note: Versions 6.6 and 6.8 are not impacted.
Product Affected Version Updated Versions Link to Update
SRS Policy Manager 7.0 7.1 https://www.dell.com/support/home/en-us/product-support/product/emc-secure-remote-services/drivers

Note: Versions 6.6 and 6.8 are not impacted.

Løsninger og afhjælpninger

See KB article 194537: SRS Policy Manager 7.0 - remediation for Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105) (Acess to this article requires log in to Dell Support.)

Revisionshistorik

RevisionDateDescription
1.02021-12-15Initial Release
1.12021-12-21Version Updated
1.22022-02-02Added link to workaround at the request of Champion and Customer Support

Relaterede oplysninger

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

Ansvarsfraskrivelse

Berørte produkter

EMC Secure Remote Services, Secure Remote Services, Secure Remote Services Virtual Edition, Product Security Information
Artikelegenskaber
Artikelnummer: 000194544
Artikeltype: Dell Security Advisory
Senest ændret: 02 feb. 2022
Find svar på dine spørgsmål fra andre Dell-brugere
Supportservices
Kontrollér, om din enhed er dækket af supportservices.