Showing results for 
Search instead for 
Did you mean: 

[CVE-2021-44228] Apache Log4j2 RCE

New Contributor II


Our customer is running a Ruckus SmartZone (sz-100) controller.
The version of the controller is

The customer asked if the SmartZone has the following this security vulnerabilities.

** Vulnerability: [CVE-2021-44228] Apache Log4j2 RCE

Thank you for your valuable answers to the above questions.


@nick_nordberg @ludia_it 

Strangely we haven't faced this issue in QA test and with customers that we have so far applied patch to. Thank you for sharing you input we will look into this further.

Best Regards


I had no issues with the "service restart" on a pair of SZ-124 units in a cluster.  It took roughly 20mins.

New Contributor II

@vineet_nejawala Might be related only to vSZ version 6.

Justed patched our lab smartzone which is running

After "service restart"  I only get to see "Wait for (Cassandra,Communicator,Configurer,Core,Courier,ElasticSearch,Mosquitto,NginX,RabbitMQ,ScgUniversalExporter,Switchm,Web) up.". After couple of hours I rebooted the smartzone. 

I now shows a date/time at "Applied On" column at the script page

New Contributor III

@ludia_it i did exact same thing but as I had only one dev vsz on I thought it was a bug from my dev environment. Was late just a few minutes before midnight yesterday.