KHIPU Networks – CVE-2021-43065 Vulnerability Update

KHIPU are continuing to work with our strategic manufacturing partners to identify potential issues relating to the recently announced Apache log4j library exploit CVE-2021-44228. We have collated information provided to us by the manufacturers of the products we support to provide you with a quick reference guide to what products/services are affected.

If you need any further clarification or require information on a different supported product, please contact the KHIPU NOC and SOC teams.

A10

The A10 PSIRT team have accessed the CVE-2021-44228 vulnerability and shared the following findings.

• A10 PSIRT has confirmed that A10 Networks Thunder, vThunder and aGalaxy products do not contain affected Log4j code. Accordingly, these products are not exposed to this vulnerability.
• A10 Harmony Controller products do contain the affected Log4j code. However, A10 PSIRT has confirmed that these products are not exposed to this vulnerability since an attacker cannot exploit this code”

Alcatel-Lucent

• Not affected

Aruba

Security Advisory ([Aruba-Security-Alerts] CVE-2021-44228 – Apache log4j library vulnerability) has now been released which confirms:

Affected Products:

•    Silver Peak Orchestrator in some configurations. For details visit: https://www.arubanetworks.com/website/techdocs/sdwan/docs/advisories/media/security advisory notice apache log4j2 cve 2021 44228.pdf

Unaffected Products:

• AirWave Management Platform
• Aruba Central
• Aruba ClearPass Policy Manager
• Aruba Instant (IAP)
• Aruba NetEdit
• Aruba Location Services
• Aruba User Experience Insight (UXI)
• ArubaOS Wi-Fi Controllers and Gateways
• ArubaOS SD-WAN Controllers and Gateways
• ArubaOS-CX switches
• ArubaOS-S switches
• Aruba VIA Client

Other Aruba products not listed above are also not known to be affected by the vulnerability.

EIP

SOLIDserver DDI does not utilise Java components at all and therefore is NOT vulnerable.

FortiNAC

It has been determined that FortiNAC is not affected by this vulnerability.

• https://www.fortiguard.com/psirt/FG-IR-21-245

Greenbone

Not Affected

• https://www.greenbone.net/en/greenbones-log4j-vulnerability-test-coverage/
• https://www.greenbone.net/en/log4j-vulnerability-detection/
• https://www.greenbone.net/en/scanning-for-vulnerabilities-like-log4shell/

Infoblox

Following an exhaustive audit of our solutions, we found that the vulnerability ‘log4j’ does not affect most recent versions of NIOS 8.4, 8.5 and 8.6, BloxOneDDI, BloxOne Threat Defense or any of our other SaaS offerings.

Please refer the below article for more information on this.

• https://support.infoblox.com/s/article/Infoblox-NIOS-and-BloxOne-products-not-vulnerable-to-CVE-2021-44228
• https://community.infoblox.com/t5/Trending-KB-Articles/Infoblox-NIOS-and-BloxOne-products-not-vulnerable-to-CVE-2021/ba-p/23542#M117  

KARMA

Not affected

Khipu Konnect

Not affected

Okta

• https://sec.okta.com/articles/2021/12/log4shell

Affected products:

• RADIUS server Agent
• On-Prem MFA Agent

Ordr

Ordr IT, Data Center Operations and the SCE platform are not impacted by this vulnerability.

The Ordr Systems Control Engine (SCE) can detect systems impacted by Log4j.

• Our integrated IDS/threat detection engine has already been updated with signatures to detect active exploits of Log4j

Palo Alto Networks

Certain Panorama versions affected, please see below for work arounds and upgrade recommendation’s.

• https://security.paloaltonetworks.com/CVE-2021-44228
• https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/

PulseSecure

No products affected

• https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR

KHIPU Support

UK Support: +44 (0)345 272 0910

SA Support: +27 (0)41 393 7601

Email: support@khipu-networks.com