Solved

211214-365 | Log4J Vulnerability - Top Priority | CVLT::0001022113

  • December 14, 2021
  • 8 replies
  • 1008 views

  • Byte
  • 10 replies

Hi All,

 

We would like to understand the Log4J vulnerability scanning and mitigation plans to ensure the products are secured.

CommVault

Please let us know whether there is any impact and whether we require any patches or hotfixes. Please suggest.

Commvault version V11SP11

 

Best answer by Laurent


8 replies

  • Byte
  • 386 replies
  • Answer
  • December 14, 2021

Hi @PPC

 

Welcome to the Community.

As in most other communities, make sure you read the (sticky) topics before asking. :wink:

This is already being globally answered, discussed, and tracked over here:

Though you raised a case and that’s another communication channel.


Onno van den Berg
Commvault Certified Expert
  • 1252 replies
  • December 14, 2021

I think this says already enough….

Just posting something on a community forum is just not enough because it requires the customer/user to open the community. By now they also added a popup in MA but again it requires you to open MA before you receive the information.

I would expect to receive a notification (regardless of my MA settings) via mail. 


Mike Struening
Vaulter

@Onno van den Berg, valid point for sure. We DO have some tools coming around for our customer portal which will improve our ability to provide information easier, plus some enhancements to how we identify and reach out for critical issues.

This is also a tricky one in that most people are NOT impacted, and any mass messaging would result in more panic than actual remediation.

I also own our Proactive Reach outs (amongst a few dozen other areas) so I’m always happy to hear ideas and discuss.


Mike Struening
Vaulter

I see you are being assisted on the incident opened.

If you have any further questions, please ask them on the sticky thread which is being closely monitored around the clock (and has most answers already written within).


  • Bit
  • 4 replies
  • December 15, 2021
Mike Struening wrote:

 

This is also a tricky one in that most people are NOT impacted,

That’s not how I took the blog/forum post. Anyone with Oracle or SQL agent is advised to update, even if they aren’t doing Archive or Table level restores.


Mike Struening
Vaulter

@Greg, that is correct. You are only truly impacted if you use the Archive, masking, features. However, we are advising updating the clients with those agents regardless because it’s entirely possible that those features get applied/utilized at some future time.

Better safe than sorry, essentially.


Onno van den Berg
Commvault Certified Expert
  • 1252 replies
  • December 15, 2021
Mike Struening wrote:

@Onno van den Berg, valid point for sure. We DO have some tools coming around for our customer portal which will improve our ability to provide information easier, plus some enhancements to how we identify and reach out for critical issues.

This is also a tricky one in that most people are NOT impacted, and any mass messaging would result in more panic than actual remediation.

I also own our Proactive Reach outs (amongst a few dozen other areas) so I’m always happy to hear ideas and discuss.

@Mike Struening not communicating at all in this situation would be a dumb decision, because every organization that takes security seriously is assessing all applications and external providers, including SaaS, to see if they need to implement measures. Additionally, it is also about how you write it down: written carefully, it can also take away the need for customers to open tickets. To make it more dynamic, you could also point from that mail in the direction of the community/MA portal updates.


Mike Struening
Vaulter

I agree.  We should have something going out soon with the 2.16 information.

With this issue, it evolved a few times as time went on, so we’re looking to get a message out soon now that we have the 2.16 upgrade forthcoming.

