ONTAP Discussions

log4j advisory | VSC 9.7.x

Ontapforrum
1,765 Views

Hi NetApp,

 

Could you provide more clarity on the list of 'Affected Products' mentioned in the log4j advisory.

 

My query is specifically for 'Virtual Storage Console'. In the following weblink, it mentions 'ONTAP Tools for VMware vSphere' as affected product, which is a new name for VSC from 9.8 onwards. VSC's last version is 9.7.x.


Does this vulnerability only applies to 'ONTAP Tools for VMware vSphere' (which is 9.8 onwards) ?
https://security.netapp.com/advisory/ntap-20211210-0007/


Many thanks!

1 ACCEPTED SOLUTION
3 REPLIES 3

paul_stejskal
1,632 Views

I will check with PSIRT and get an update. Good question.

 

paul_stejskal
1,628 Views

Assume it is affected. Also end of version support was Oct 20 for 9.7.1, so you should upgrade anyway.

https://mysupport.netapp.com/site/info/version-support

Public