Log4Shell vulnerability 

 
 
vyjádření výrobců hw/sw ke zranitelnosti Log4shell:

Adaptec

The maxView software is affected, adaptec is working on update


Areca

firmware and software do not use Apache, not affected


Asus

not affected - https://www.asus.com/content/ASUS-Product-Security-Advisory/


Broadcom/LSI

LSA - not affected

MSM is using log4j in Version 1.2.15. Engineering team is checking if is affected.


Gigabyte

AMI provides a formal response that our BMC firmware doesn't have an issue with this vulnerability, GBT marketing team will update info on the official website as soon as possible

MegaRAC SP-X - AMI's SP-X code stack does not include the log4j library

MegaRAC Open Edition - not include the log4j library

MDS - >AMI has confirmed that MDS is not affected, MDS DOES contail Log4j library (not affected version)

MegaRAC Utilities - AMI has confirmed that all the MegaRAC Utilities are not affected

>Customer Portal & AMIGit - AMI has confirmed that both not using Log4j and therefore not affected


Mellanox / NVIDIA

https://nvidia.custhelp.com/app/answers/detail/a_id/5294


Open-e - DSS/Jovian

vyjádření výrobce: https://www.open-e.com/about-us/news/newsletters/open-e-log4j-log4shell-exploit-statement/

Our tests revealed as follows:

  • The MaxView Storage Manager tool utilizes the Apache Log4j library and is affected by the exploit.
  • The MegaRAID Storage Manager (MSM) utilizes the Apache Log4j library but none of our tests showed any indication of the library being affected by the exploit.

    • Open-E safety measures:

  • Open-E will release updates to Open-E JovianDSS and Open-E DSS V7 to disable the MaxView Storage Manager tool to help our customers protect their infrastructure as soon as possible.
  • After that, Open-E will release an update for MaxView Storage Manager containing a security patch (more testing needed to ensure no further issues or compatibility problems).

    • QSAN

    not affected - https://www.qsan.com/en/newspage/qsan-response-to-cve-2021-44228-apache-log4j-remote-code-execution-(87068)


    Supermicro

    vyjádření výrobce: https://www.supermicro.com/en/support/security/Apache_log4j2

    only Supermicro Power Manager (SPM) is affected by Log4J2 - release pending ASAP


    Synology

    not affected - https://www.synology.com/cs-cz/security/advisory/Synology_SA_21_30



     
     
     
    Log4Shell vulnerability
     
     
     
     
     
     
     
    /0 items
    0
    Cart/Total 

     

     

     



     
     
     



     

    Copyright © 2023 CyberSoft s.r.o.
     
     

    The operation of our website www.abacus.cz we use so-called cookies. Cookies are files used to customize site content to measure its performance and generally to ensure your maximum satisfaction. By using this site, you agree with the way the cookie treat.