0
Košík je prázdný
0
     
     

    Log4Shell zranitelnost 

     
     
    vyjádření výrobců hw/sw ke zranitelnosti Log4shell:

    Adaptec

    The maxView software is affected, adaptec is working on update


    Areca

    firmware and software do not use Apache, not affected


    Asus

    not affected - https://www.asus.com/content/ASUS-Product-Security-Advisory/


    Broadcom/LSI

    LSA - not affected

    MSM is using log4j in Version 1.2.15. Engineering team is checking if is affected.


    Gigabyte

    AMI provides a formal response that our BMC firmware doesn't have an issue with this vulnerability, GBT marketing team will update info on the official website as soon as possible

    MegaRAC SP-X - AMI's SP-X code stack does not include the log4j library

    MegaRAC Open Edition - not include the log4j library

    MDS - >AMI has confirmed that MDS is not affected, MDS DOES contail Log4j library (not affected version)

    MegaRAC Utilities - AMI has confirmed that all the MegaRAC Utilities are not affected

    >Customer Portal & AMIGit - AMI has confirmed that both not using Log4j and therefore not affected


    Mellanox / NVIDIA

    https://nvidia.custhelp.com/app/answers/detail/a_id/5294


    Open-e - DSS/Jovian

    vyjádření výrobce: https://www.open-e.com/about-us/news/newsletters/open-e-log4j-log4shell-exploit-statement/

    Our tests revealed as follows:

  • The MaxView Storage Manager tool utilizes the Apache Log4j library and is affected by the exploit.
  • The MegaRAID Storage Manager (MSM) utilizes the Apache Log4j library but none of our tests showed any indication of the library being affected by the exploit.
  • Open-E safety measures:

  • Open-E will release updates to Open-E JovianDSS and Open-E DSS V7 to disable the MaxView Storage Manager tool to help our customers protect their infrastructure as soon as possible.
  • After that, Open-E will release an update for MaxView Storage Manager containing a security patch (more testing needed to ensure no further issues or compatibility problems).

  • QSAN

    not affected - https://www.qsan.com/en/newspage/qsan-response-to-cve-2021-44228-apache-log4j-remote-code-execution-(87068)


    Supermicro

    vyjádření výrobce: https://www.supermicro.com/en/support/security/Apache_log4j2

    only Supermicro Power Manager (SPM) is affected by Log4J2 - release pending ASAP


    Synology

    not affected - https://www.synology.com/cs-cz/security/advisory/Synology_SA_21_30



     
     

    Tagy:

     
    Log4Shell zranitelnost
     
     
     

    K provozování našeho webu m.abacus.cz využíváme takzvané cookies. Cookies jsou soubory sloužící k přizpůsobení obsahu webu, k měření jeho funkčnosti a obecně k zajištění vaší maximální spokojenosti. Používáním tohoto webu souhlasíte se způsobem, jakým s cookies nakládáme. Více informací...