| Beide Seiten der vorigen RevisionVorhergehende ÜberarbeitungNächste Überarbeitung | Vorhergehende Überarbeitung |
| log4j [2021/12/20 06:42] – benny | log4j [2024/06/09 10:29] (aktuell) – Externe Bearbeitung 127.0.0.1 |
|---|
| ====== Security Advisory on CVE-2021-44228 / CVE-2021-45046 / CVE-2021-45105 (Log4j) for all ALE Business Divisions ====== | ====== Security Advisory on CVE-2021-44228 / CVE-2021-45046 / CVE-2021-45105 / CVE-2021-4104 (Log4j) for all ALE Business Divisions ====== |
| |
| ===== Log4j CVEs ===== | ===== Log4j CVEs ===== |
| * [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046|CVE-2021-45046]] | * [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046|CVE-2021-45046]] |
| * [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105|CVE-2021-45105]] | * [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105|CVE-2021-45105]] |
| | * [[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4104|CVE-2021-4104]] |
| |
| ===== ALE Security Advisories ===== | ===== ALE Security Advisories ===== |
| * [[https://www.al-enterprise.com//en/search#t=all&sort=%40z95xupdated%20descending&f:language=[Language%2FEnglish]&f:content-type=[Content%20Type%2FTechnical%20Documentation%2FSecurity%20advisory]|Public ALE Security Advisory Page]] (Sorted by date, latest advisories first) | * [[https://www.al-enterprise.com//en/search#t=all&sort=%40z95xupdated%20descending&f:language=[Language%2FEnglish]&f:content-type=[Content%20Type%2FTechnical%20Documentation%2FSecurity%20advisory]|Public ALE Security Advisory Page]] (Sorted by date, latest advisories first) |
| * Most recent Edition should always be available in this [[https://alcatel-lucent-enterprise.secure.force.com/knowledgebp/articles/Customer_Care_Article/000065673|ALE TKC article]] (requires MyPortal login credentials) | * Most recent Edition should always be available in this [[https://alcatel-lucent-enterprise.secure.force.com/knowledgebp/articles/Customer_Care_Article/000065673|ALE TKC article]] (requires MyPortal login credentials) |
| * {{ ::sa-c0068-ed06_apache-log4j2.pdf |}} :!: (**ed06** as of 17.12.2021 the latest edition) :!: | * The ALE Network Business Division (NBD) published this overview [[https://alcatel-lucent-enterprise.secure.force.com/knowledgebp/articles/Customer_Care_Article/000065677|ALE TKC article]] (requires MyPortal login credentials) |
| | * The ALE Communication Business Division (CBD) published the following statement on **Log4j version CVE-2021-4104 and CVE-2021-45105** (not vulnerable to both) [[https://alcatel-lucent-enterprise.secure.force.com/knowledgebp/articles/Customer_Care_Article/000065861|ALE TKC article]] (requires MyPortal login credentials) |
| | * {{ ::sa-c0068-ed08-apache-log4j.pdf |}} :!: (**ed08** as of 22.12.2021 the latest edition) :!: |
| |
| ===== Hotfix for OpenTouch ===== | ===== Hotfix for OpenTouch ===== |
| * [[https://alcatel-lucent-enterprise.secure.force.com/knowledgebp/articles/Customer_Care_Article/000065732|OpenTouch Solution: How to disable the vulnerability "Remote Code Execution vulnerability alert issued by Apache / (CVE-2021-44228)"]] (requires MyPortal login credentials) | * [[https://alcatel-lucent-enterprise.secure.force.com/knowledgebp/articles/Customer_Care_Article/000065742|OpenTouch Solution: How to disable the vulnerability "Remote Code Execution vulnerability alert issued by Apache / (CVE-2021-44228)"]] (requires MyPortal login credentials) |
| | * [[https://alcatel-lucent-enterprise.secure.force.com/knowledgebp/articles/Customer_Care_Article/000065732|OpenTouch Solution: How to disable the vulnerability "Remote Code Execution vulnerability alert issued by Apache / (CVE-2021-44228)" (the actual hotfix/script)]] (requires MyPortal login credentials) |
| * All OpenTouch with Suse Versions | * All OpenTouch with Suse Versions |
