CommScope RUCKUS Community Forums

dawoon_lee · ‎12-12-2021

Hello.

Our customer is running a Ruckus SmartZone (sz-100) controller.
The version of the controller is 5.1.1.0.598.

The customer asked if the SmartZone has the following this security vulnerabilities.

** Vulnerability: [CVE-2021-44228] Apache Log4j2 RCE

Thank you for your valuable answers to the above questions.

michiel_timmers · ‎12-19-2021

A node (6.0.0.0.1331) that I have patched yesterday and for which I had to do a reload is starting to have problems. SNMP stopped responding and the webgui comes up but doesn't show the username/password input boxes. Wifi still seems to be working. Anybody else seeing this behavior?

Greg_WiGuy · ‎12-19-2021

Quite possible @ludia_it

The SZ-124s I'm running are v5.2.2

pmonardo · ‎12-20-2021

After applying the patch, how do we know it has been successfully applied? Are there any validation steps we can take?

Vineet_nejwala · ‎12-20-2021

@Papa_WiFI

You would need to open a ruckus case for this as this could be validated only from vSZ shell mode.

Best Regards

Vineet

Vineet_nejwala · ‎12-20-2021

@ludia_it @nick_nordberg @michiel_timmers @mark_pledl
We have updated out KBA and for 6.0 users, we recommended customer to "reload" vSZ instead of "service restart" after KSP is applied which would work correctly.

Best Regards

vineet