CloudLink: Apache Log4J vulnerability CVE-2021-44228
Oversigt: This article provides a list of security vulnerabilities that cannot be exploited on CloudLink, all versions, but which may be flagged by security scanners.
Denne artikel gælder for
Denne artikel gælder ikke for
Denne artikel er ikke knyttet til et bestemt produkt.
Det er ikke alle produktversioner, der er identificeret i denne artikel.
Sikkerhedsartikeltype
Security KB
CVE-id
CVE-2021-44228
Oversigt over problemet
This article provides a list of security vulnerabilities that cannot be exploited on CloudLink, all versions, but which may be flagged by security scanners.
Oplysninger
The vulnerabilities listed in the table below are in order by the date on which CloudLink Engineering determined that CloudLink, all versions, was not vulnerable.
| Third Party Component | CVE ID | Summary of Vulnerability | Reason why Product is not Vulnerable | Date Determined False Positive |
| Apache Log4j
|
CVE-2021-44228
|
It is remotely exploitable without authentication, for example, may be exploited over a network without the need for a username and password.
|
CloudLink uses log4j-1.2.17. Log4j 1.x does not have JNDI lookup feature. Log4j 1.x JMSAppender code using JNDI API, but this appender is not configured in CloudLink.
|
December 13, 2021 |
Anbefalinger
None
Ansvarsfraskrivelse
Berørte produkter
CloudLink SecureVM, CloudLinkProdukter
Product Security InformationArtikelegenskaber
Artikelnummer: 000194928
Artikeltype: Security KB
Senest ændret: 12 maj 2026
Version: 2
Find svar på dine spørgsmål fra andre Dell-brugere
Supportservices
Kontrollér, om din enhed er dækket af supportservices.