DSA-2021-307: Dell EMC Integrated System for Azure Stack HCI Security Update for Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228 and CVE-2021-45046)
Summary: Dell EMC Integrated System for Azure Stack HCI is impacted by the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing the remediation seen below as soon as possible in light of the critical severity of the vulnerability. ...
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Impact
Critical
Details
| Third-party Component | CVE | More information |
| Apache Log4j | CVE-2021-44228 CVE-2021-45046 |
Apache Log4j Remote Code Execution |
| Third-party Component | CVE | More information |
| Apache Log4j | CVE-2021-44228 CVE-2021-45046 |
Apache Log4j Remote Code Execution |
Affected Products & Remediation
Dell EMC Integrated System for Azure Stack HCI is not impacted by this advisory. If Dell EMC SupportAssist Enterprise (SAE) or Dell EMC Secure Connect Gateway (SCG) were optionally installed with Dell EMC Integrated System for Azure Stack HCI, monitor the following advisories.
Apply workaround guidance and remediations as they become available.
Apply workaround guidance and remediations as they become available.
| CVE Addressed | Products | Link to Update |
| CVE-2021-44228 CVE-2021-45046 |
Dell EMC SupportAssist Enterprise (SAE) | SAE - DSA-2021-283 SCG Appliance - DSA-2021-282 SCG Policy Manager DSA-2021-281 |
| Dell EMC Secure Connect Gateway (SCG) |
Dell EMC Integrated System for Azure Stack HCI is not impacted by this advisory. If Dell EMC SupportAssist Enterprise (SAE) or Dell EMC Secure Connect Gateway (SCG) were optionally installed with Dell EMC Integrated System for Azure Stack HCI, monitor the following advisories.
Apply workaround guidance and remediations as they become available.
Apply workaround guidance and remediations as they become available.
| CVE Addressed | Products | Link to Update |
| CVE-2021-44228 CVE-2021-45046 |
Dell EMC SupportAssist Enterprise (SAE) | SAE - DSA-2021-283 SCG Appliance - DSA-2021-282 SCG Policy Manager DSA-2021-281 |
| Dell EMC Secure Connect Gateway (SCG) |
Revision History
| Revision | Date | Description |
| 1.0 | 2021-12-17 | Initial Release |
| 1.1 | 2021-12-27 | Added SAE DSA |
| 1.2 | 2021-12-27 | Added CVE-2021-45046 |
Related Information
Legal Disclaimer
Affected Products
Integrated System for Microsoft Azure Stack Hub, Product Security InformationArticle Properties
Article Number: 000194622
Article Type: Dell Security Advisory
Last Modified: 07 Jan 2022
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.