HPE Community
HPE 3PAR StoreServ Storage
1755447 Members
3757 Online
108833 Solutions
New Discussion

SSMC and log4j vulnerability

 
SOLVED
Go to solution
sbhat09
HPE Pro

‎12-15-2021 04:25 AM

‎12-15-2021 04:25 AM

Re: SSMC and log4j vulnerability

Hello @ArjanSchepers,

I am not allowed to share the workaround publicly. But the security update patch to address 'log4j' vulnerability is in progress and will be released soon.

Till then you can shut-down the SSMC. Use CLI for important administration tasks.

If that is not an option for you, I can personal message you the steps of temporary workaround.

How do you like to go about this?

Regards,
Srinivas Bhat

If you feel this was helpful please click the KUDOS! thumb below!
Note: All of my comments are my own and are not any official representation of HPE.


I am an HPE Employee

Accept or Kudo

0 Kudos
Reply
ArjanSchepers
Established Member

‎12-15-2021 06:15 AM

‎12-15-2021 06:15 AM

Re: SSMC and log4j vulnerability

Hello @sbhat09 , if you could PM me the workaround instructions, that would be great. Thank you in advance!

0 Kudos
Reply
jvbakel
Occasional Visitor

‎12-16-2021 06:31 AM

‎12-16-2021 06:31 AM

Re: SSMC and log4j vulnerability

Hello, would you be able to send me the workaround instructions as well per DM? We shut our SSMCs down, and really need them up.

0 Kudos
Reply
sbhat09
HPE Pro

‎12-16-2021 06:36 AM

‎12-16-2021 06:36 AM

Re: SSMC and log4j vulnerability

Hello @jvbakel,

Sent it.

Regards,
Srinivas Bhat

If you feel this was helpful please click the KUDOS! thumb below!
Note: All of my comments are my own and are not any official representation of HPE.


I am an HPE Employee

Accept or Kudo

0 Kudos
Reply
sbhat09
HPE Pro

‎12-16-2021 06:37 AM

‎12-16-2021 06:37 AM

Re: SSMC and log4j vulnerability

Hello @ArjanSchepers ,

Sent it.

Regards,
Srinivas Bhat

If you feel this was helpful please click the KUDOS! thumb below!
Note: All of my comments are my own and are not any official representation of HPE.


I am an HPE Employee

Accept or Kudo

Reply
aireynol
Valued Contributor

‎12-16-2021 06:38 AM

‎12-16-2021 06:38 AM

Re: SSMC and log4j vulnerability

Please PM it to me also.

0 Kudos
Reply
Alex781
Occasional Visitor

‎12-16-2021 07:37 AM

‎12-16-2021 07:37 AM

Re: SSMC and log4j vulnerability

Hi,
we still use the old windows software based SSMC 3.3.1 which seems also to be affected by log4j issue.
Is there any chance that HPE will provide an update or at least a workaround for this old version, or do we need to migrate to the SSMC VM appliance?
Thx & regards
Alex

0 Kudos
Reply
karla87
Occasional Visitor

‎12-16-2021 08:04 AM - edited ‎12-16-2021 08:08 AM

‎12-16-2021 08:04 AM - edited ‎12-16-2021 08:08 AM

Re: SSMC and log4j vulnerability

Hello @sbhat09

Could you please PM me the workaround as well. 

Thanks for your help!

0 Kudos
Reply
sbhat09
HPE Pro

‎12-16-2021 08:27 AM

‎12-16-2021 08:27 AM

Re: SSMC and log4j vulnerability

Hello @aireynol @karla87 

Sent it.

Regards,
Srinivas Bhat

If you feel this was helpful please click the KUDOS! thumb below!
Note: All of my comments are my own and are not any official representation of HPE.


I am an HPE Employee

Accept or Kudo

0 Kudos
Reply
jeff07
Occasional Visitor

‎12-16-2021 08:51 AM

‎12-16-2021 08:51 AM

Re: SSMC and log4j vulnerability

Hi Srinivas, can you please share the workaround via PM?  Thanks!

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.