DSA-2021-300: vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage  Security Updates for Apache Log4j Remote Code Execution Vulnerability

요약: vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage is available for the Apache Log4j Remote Code Execution Vulnerability that may be exploited by malicious users to compromise the affected system. Dell recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability. ...

이 문서는 다음에 적용됩니다. 이 문서는 다음에 적용되지 않습니다. 이 문서는 특정 제품과 관련이 없습니다. 모든 제품 버전이 이 문서에 나와 있는 것은 아닙니다.
기타 리소스 확인

영향

Critical

세부 정보

Third-party Component 

CVE 

More information 

Apache Log4j 

CVE-2021-44228, CVE-2021-45046 

Apache Log4j Remote Code Execution This hyperlink is taking you to a website outside of Dell Technologies.

Third-party Component 

CVE 

More information 

Apache Log4j 

CVE-2021-44228, CVE-2021-45046 

Apache Log4j Remote Code Execution This hyperlink is taking you to a website outside of Dell Technologies.
Dell Technologies는 모든 고객이 CVSS 기본 점수와 관련 임시 및 환경 점수를 모두 고려할 것을 권장합니다. 이 경우 특정 보안 취약성과 관련된 잠재적인 심각도에 영향을 미칠 수 있습니다.

영향을 받는 제품 및 문제 해결

Product Affected Versions Updated Versions Link to Update
vRO Plugin for Dell EMC PowerMax Version 1.2.3 or earlier  1.2.4 Support for vRealize Orchestrator (vRO) Platforms | Drivers & Downloads | Dell US
vRO Plugin for Dell EMC PowerScale Version 1.1.0 or earlier  1.1.1 Support for vRealize Orchestrator (vRO) Platforms | Drivers & Downloads | Dell US
vRO Plugin for Dell EMC PowerScale Version 1.0.3, 1.0.2, 1.0.1, and 1.0.0  1.0.4 Support for vRealize Orchestrator (vRO) Platforms | Drivers & Downloads | Dell US

Note:
Customers using vRO Plugin for Dell EMC PowerStore 1.1.4 (or earlier), Unity 1.0.7 (or earlier  and XtremIO 4.1.2 (or earlier) only need to apply the vRO mitigation, detailed in the Workaround and Mitigation section.
Product Affected Versions Updated Versions Link to Update
vRO Plugin for Dell EMC PowerMax Version 1.2.3 or earlier  1.2.4 Support for vRealize Orchestrator (vRO) Platforms | Drivers & Downloads | Dell US
vRO Plugin for Dell EMC PowerScale Version 1.1.0 or earlier  1.1.1 Support for vRealize Orchestrator (vRO) Platforms | Drivers & Downloads | Dell US
vRO Plugin for Dell EMC PowerScale Version 1.0.3, 1.0.2, 1.0.1, and 1.0.0  1.0.4 Support for vRealize Orchestrator (vRO) Platforms | Drivers & Downloads | Dell US

Note:
Customers using vRO Plugin for Dell EMC PowerStore 1.1.4 (or earlier), Unity 1.0.7 (or earlier  and XtremIO 4.1.2 (or earlier) only need to apply the vRO mitigation, detailed in the Workaround and Mitigation section.

해결 방법 및 완화 방안

Mitigation applicable to vRO Plugin for Dell EMC PowerMax, vRO Plugin for Dell EMC PowerScale, vRO Plugin for Dell EMC PowerStore, vRO Plugin for Dell EMC Unity, and vRO Plugin for Dell EMC XtremIO:

VMware has announced two KB articles to mitigate this vulnerability for VMware vRealize Orchestrator (vRO):

The corresponding patch information is found in:

개정 내역

RevisionDateDescription
1.02021-12-17Initial Release
1.12022-01-04Provide more exact instructions for vRO Plugins for Dell EMC PowerStore, Unity and XtremIO.
1.22022-01-31Updated Remediation section to include 1.0.3, 1.0.2, 1.0.1 and 1.0.0

관련 정보

Dell Security Advisories and Notices
Dell Vulnerability Response Policy
CVSS Scoring Guide

법적 고지 사항

해당 제품

Product Security Information, vRealize Orchestrator (vRO) Plug-in for PowerMax, vRealize Orchestrator (vRO) Plug-in for PowerScale

제품

vRealize Orchestrator (vRO) Plug-in for PowerStore, vRealize Orchestrator (vRO) Plug-in for Unity, vRealize Orchestrator (vRO) Plug-in for XtremIO
문서 속성
문서 번호: 000194610
문서 유형: Dell Security Advisory
마지막 수정 시간: 12 5월 2026
다른 Dell 사용자에게 질문에 대한 답변 찾기
지원 서비스
디바이스에 지원 서비스가 적용되는지 확인하십시오.