Log4Shell vulnerability 

vyjádření výrobců hw/sw ke zranitelnosti Log4shell:


The maxView software is affected, adaptec is working on update


firmware and software do not use Apache, not affected


not affected - https://www.asus.com/content/ASUS-Product-Security-Advisory/


LSA - not affected

MSM is using log4j in Version 1.2.15. Engineering team is checking if is affected.


AMI provides a formal response that our BMC firmware doesn't have an issue with this vulnerability, GBT marketing team will update info on the official website as soon as possible

MegaRAC SP-X - AMI's SP-X code stack does not include the log4j library

MegaRAC Open Edition - not include the log4j library

MDS - >AMI has confirmed that MDS is not affected, MDS DOES contail Log4j library (not affected version)

MegaRAC Utilities - AMI has confirmed that all the MegaRAC Utilities are not affected

>Customer Portal & AMIGit - AMI has confirmed that both not using Log4j and therefore not affected

Mellanox / NVIDIA


Open-e - DSS/Jovian

vyjádření výrobce: https://www.open-e.com/about-us/news/newsletters/open-e-log4j-log4shell-exploit-statement/

Our tests revealed as follows:

  • The MaxView Storage Manager tool utilizes the Apache Log4j library and is affected by the exploit.
  • The MegaRAID Storage Manager (MSM) utilizes the Apache Log4j library but none of our tests showed any indication of the library being affected by the exploit.
  • Open-E safety measures:

  • Open-E will release updates to Open-E JovianDSS and Open-E DSS V7 to disable the MaxView Storage Manager tool to help our customers protect their infrastructure as soon as possible.
  • After that, Open-E will release an update for MaxView Storage Manager containing a security patch (more testing needed to ensure no further issues or compatibility problems).

  • QSAN

    not affected - https://www.qsan.com/en/newspage/qsan-response-to-cve-2021-44228-apache-log4j-remote-code-execution-(87068)


    vyjádření výrobce: https://www.supermicro.com/en/support/security/Apache_log4j2

    only Supermicro Power Manager (SPM) is affected by Log4J2 - release pending ASAP


    not affected - https://www.synology.com/cs-cz/security/advisory/Synology_SA_21_30

    Log4Shell vulnerability
    /0 items






    Copyright © 2024 CyberSoft s.r.o.


    The operation of our website www.abacus.cz we use so-called cookies. Cookies are files used to customize site content to measure its performance and generally to ensure your maximum satisfaction. By using this site, you agree with the way the cookie treat.