CommScope RUCKUS Community Forums

dawoon_lee · ‎12-12-2021

Hello.

Our customer is running a Ruckus SmartZone (sz-100) controller.
The version of the controller is 5.1.1.0.598.

The customer asked if the SmartZone has the following this security vulnerabilities.

** Vulnerability: [CVE-2021-44228] Apache Log4j2 RCE

Thank you for your valuable answers to the above questions.

Vineet_nejwala · ‎12-17-2021

Strangely we haven't faced this issue in QA test and with customers that we have so far applied patch to. Thank you for sharing you input we will look into this further.

Best Regards

Vineet

Greg_WiGuy · ‎12-17-2021

I had no issues with the "service restart" on a pair of SZ-124 units in a cluster. It took roughly 20mins.

ludia_it · ‎12-17-2021

@vineet_nejawala Might be related only to vSZ version 6.

michiel_timmers · ‎12-17-2021

Justed patched our lab smartzone which is running 6.0.0.0.1331.

After "service restart" I only get to see "Wait for (Cassandra,Communicator,Configurer,Core,Courier,ElasticSearch,Mosquitto,NginX,RabbitMQ,ScgUniversalExporter,Switchm,Web) up.". After couple of hours I rebooted the smartzone.

I now shows a date/time at "Applied On" column at the script page

mark_pledl · ‎12-17-2021

@ludia_it i did exact same thing but as I had only one dev vsz on 6.0.0.0.1331. I thought it was a bug from my dev environment. Was late just a few minutes before midnight yesterday.