[Info-vax] Java, log4j, log4shell, and OpenVMS: CVE-2021-44228, CVE-2021-45046
Arne Vajhøj
arne at vajhoej.dk
Fri Dec 17 13:34:08 EST 2021
On 12/16/2021 9:46 PM, Arne Vajhøj wrote:
> On 12/14/2021 8:08 PM, Stephen Hoffman wrote:
>> On 2021-12-14 19:56:24 +0000, Jim said:
>>> On 12/14/2021 11:39 AM, Stephen Hoffman wrote:
>>>> HPE has indicated that 3PAR and some other products are vulnerable to
>>>
>>> Seems HPE now reporting that the 3PAR StorServ is not vulnerable.
>>>
>>> https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-a00120086en_us
>>
>>
>> You're looking at the "not vulnerable" list from HPE.
>>
>> You'll also want to review the "vulnerable" list from HPE, for some
>> problematic 3PAR and XP apps.
>>
>> https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04215en_us
>
>
> I saw a list for multiple vendors:
>
> https://www.continuitysoftware.com/blog/centralized-list-of-storage-and-backup-systems-affected-by-zero-day-log4shell-vulnerability-cve-2021-44228
>
>
> It is a pretty long list!
>
> :-(
https://www.bleepingcomputer.com/news/security/conti-ransomware-uses-log4j-bug-to-hack-vmware-vcenter-servers
Arne
More information about the Info-vax
mailing list