CommScope RUCKUS Community Forums

dawoon_lee · ‎12-12-2021

Hello.

Our customer is running a Ruckus SmartZone (sz-100) controller.
The version of the controller is 5.1.1.0.598.

The customer asked if the SmartZone has the following this security vulnerabilities.

** Vulnerability: [CVE-2021-44228] Apache Log4j2 RCE

Thank you for your valuable answers to the above questions.

grodog-prod · ‎12-18-2021

@JTakaMT: thank you, I should have mentioned that as well, since our TAC director runs on a Mac and did see that too.

@vineet_nejawala : can you or Sameer please update the KBA with the MAC-specific guidance re: the decompression process?

Allan.

Allan T. Grohe Jr.
==
Knowledge Management Program Director
for RUCKUS Customer Services & Support

Vineet_nejwala · ‎12-18-2021

@allan_grohe

This has been updated on article.

Best Regards

Vineet

ludia_it · ‎12-17-2021

Just finished patching. (vSZ 6)

I tried to restart the services after the patch as documented (service restart) on the first node but after 1 hour it was still waiting on the same services to get up.

I had to reboot the node (reload).

On the second one, I just used the (reload) command.

nick_nordberg · ‎12-17-2021

@ludia_it

I had the same issue here.

The message that kept repeating was:

"Wait for (Cassandra,Communicator,Configurer,Core,Courier,ElasticSearch,Mosquitto,NginX,RabbitMQ,ScgUniversalExporter,Switchm,Web) up."

Mine is a 2 node vSZ-H on firmware 6.0.0.0.1213

I took your lead and logged in with another session and did a reload. Came back up after that.

ludia_it · ‎12-17-2021

@vineet_nejawala @allan_grohe

I think you should review your documentation to just do a reboot (reload) after the patch is applied.