< securityroom

QSAN Responds to CVE-2021-44228: Apache Log4j

April  12 , 2022

Taipei City, Taiwan – December 16, 2021 – The Log4j vulnerability is a recently discovered bug in log4j where hackers are capable of sending commands from anywhere to a logger with this exploit to bring a system down from anywhere in the world with a DoS attack. Software that is written in or relies on Java is susceptible to the exploit.

CVE-2021-44228 is determined to not affect any QSAN products as QSAN software utilizes QSAN Web Server for management and is not based off of Java.

Solution

Products NOT impacted by CVE-2021-44228

  • XCubeFAS Series

  • XCubeNXT Series

  • XCubeNAS Series

  • XCubeSAN Series

  • XCubeDAS Series