Problem
The Log4Shell vulnerabilities CVE-2021-44228, CVE-2021-45105, and CVE-2021-45046 impact:
- Storage Analyzer KM for PATROL v1.2.00 or older
- Storage All-in-One ETL for BMC TrueSight Capacity Optimization v1.6.00 or older
and more especially the troubleshooting tool silicium-launcher-tool.jar which is automatically installed along with these products.
Solution
Install:
- Storage Analyzer KM for PATROL v1.3.00
- Storage All-in-One ETL for BMC TrueSight Capacity Optimization v1.7.00.
These versions come with Apache log4j v2.17.0.
Related Topics
- Monitoring Studio X: HTTP Proxy Authentication Fails When Using Java 8 Update 111 or Later
- Monitoring Studio X Unexpectedly Hangs or Consumes High CPU When Running a JRE Higher Than 8
- CIM_ERR_FAILED Errors Occur When Running EMC WBEM-Based ETLs with Java v11.0.15 or Newer
- No data collected for HPE XP7/XP8 storage systems in TrueSight Capacity Optimization or TrueSight Operations Management
- Troubleshooting Issues with TrueSight Presentation 11.3.03 Upgrade