cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1304
Views
0
Helpful
7
Replies

CSCwa46963 - Security: CVE-2021-44228 -> Log4j 2 Vulnerability

k.pertzborn
Level 1
Level 1

What das Release 6.6.0 mean exactly?

All releases beginning with 6.6. or especially only the release 6.6.0 an 6.6.1 is not affected, for example?

Regards and thanks in advance

7 Replies 7

CYKmb
Level 1
Level 1

Cisco lists zero fixed releases, so at this point you can probably assume ALL versions are affected.


@CYKmb wrote:

Cisco lists zero fixed releases


Check the Vulnerability in Apache Log4j Library Affecting Cisco Products security bulletin because is it regularly updated.  The Vulnerable Products list now contain Fixed Release Availability column.



Check the Vulnerability in Apache Log4j Library Affecting Cisco Products security bulletin because is it regularly updated.  The Vulnerable Products list now contain Fixed Release Availability column.


 That still shows ZERO fixed releases.

ciscofixed0.png

I have provided two links to this security vulnerability.  I strongly recommend focusing on them instead of the contents in the Bug ID.  Why?  Because Bug IDs do not get updated regularly (the security bulletin gets updated three times daily).

yleduc
Level 1
Level 1

the bug id is no longer accessible, also some of the site behaviour has changed.

I have seen some problems with the bug reporting tool, but I can still reach the bug here https://tools.cisco.com/bugsearch/bug/CSCwa46963.  You may need to clear your browser cache, restart your browser or try a private/incognito browsing session.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: