Our customer is running a Ruckus SmartZone (sz-100) controller.
The version of the controller is 18.104.22.168.598.
The customer asked if the SmartZone has the following this security vulnerabilities.
** Vulnerability: [CVE-2021-44228] Apache Log4j2 RCE
Thank you for your valuable answers to the above questions.
@vineet_nejawala The last version of the advisory (1.2) says that SZ 6.0 KSP should have be released 12/15/2021 (yesterday).
I tried to find it everywhere but was not able to. It also says to contact Customer Support to install it when available. Will we be contacted by email when it's available or we have to refresh the Downloads section each day to know it's released ?
Copied from the security bulletin below, I went ahead and put in a support ticket as well just to have it in.
SmartZone and Contact Customer Support to install SZ 6.0 KSP Virtual SmartZone 5.0 to 6.0 KSP when available. 12/15/2021 Contact Customer Support to install SZ 5.2.2 P1 and KSP when available. 5.2.2 KSPs 12/16/2021 Contact Customer Support to install SZ 5.1 and KSP when available. 5.0 KSPs 12/17/2021
Apologies for the inconvenience. The patch for all codes should be released by today "12/17/2021" EOD. The goal is :
We will have a KBA showing the process for loading the KSP on SZ.
The fixes /KSPs will be open for download for customers with/or without a support.
The aim is to ensure that our customers have the ability to self-help on existing versions as much as possible.
Atlast,Sorry for the delay, but this will be a better outcome for all our customers and us, once completed.