- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- Servers - General
- >
- CVE-2021-44228 (Apache Log4j vulnerability)
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-12-2021 03:15 PM - last edited on 12-15-2021 02:53 PM by support_s
12-12-2021 03:15 PM - last edited on 12-15-2021 02:53 PM by support_s
CVE-2021-44228 (Apache Log4j vulnerability)
Good day,
Does HP have any updates or patches concerning the CVE-2021-44228 (Apache Log4j vulnerability)?
Jacques
- Tags:
- Prolaint server
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-12-2021 10:49 PM
12-12-2021 10:49 PM
Re: CVE-2021-44228 (Apache Log4j vulnerability)
I also try to get official statements about that.
As HPE has many software products basing on *unix - i would say. Many affected.
I would say - they are busy trying to find them
Document - Notice: Apache Software Log4j - Security Vulnerability CVE-2021-44228 | HPE Support
I would suspect that HPE Oneview is vulnerable somehow as the search get some hits
hpe oneview "log4j" - Google Suche
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-13-2021 08:05 AM
12-13-2021 08:05 AM
Re: CVE-2021-44228 (Apache Log4j vulnerability)
We would also be interested in whether OneView or ILO are affected by this in any way.
This github page makes it seem like it might be using log4j but not what version:
GitHub - HewlettPackard/oneview-sdk-java: Java SDK for HPE OneView
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-13-2021 06:22 PM
12-13-2021 06:22 PM
Re: CVE-2021-44228 (Apache Log4j vulnerability)
Hello,
I would suggest you follow the below customer advisory for more clarification.
Notice: (Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228
https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-a00120086en_us
If you feel this was helpful please click the KUDOS! thumb below and accept the solution.
Regards,
I am a HPE Employee.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-13-2021 09:28 PM
12-13-2021 09:28 PM