Unsolved
1 Message
1
2497
December 14th, 2021 01:00
SupportAssist Enterprise and log4j
Hello friends
Does anyone know if any Version of SupportAssist Enterprise is vulnerable to log4j (NVD - CVE-2021-44228 (nist.gov))?
Kind regards
No Events found!
Unsolved
1 Message
1
2497
December 14th, 2021 01:00
Hello friends
Does anyone know if any Version of SupportAssist Enterprise is vulnerable to log4j (NVD - CVE-2021-44228 (nist.gov))?
Kind regards
Top
Shahin24093
2 Posts
1
December 14th, 2021 09:00
I have found vulnerabilities in version 2.0.40.29 Dell support Assist Enterprise.
C:\Program Files\Dell\SupportAssist\lib\log4j-core-2.10.0.jar
C:\Program Files\Dell\SupportAssist\migration\libs\log4j-core-2.10.0.jar
still looking for a solution on Dell, haven't found any. Uninstalling this version as we speak.
BobDellDude2112
3 Posts
1
December 15th, 2021 09:00
Great. Was searching disk for this because earlier versions it's said to be part of MS-SQL (not same vuln but is vuln) and found the files under Dell supportassist. Not cool as it's only on virtually every Dell PC/Server....
LukeJefferson
3 Posts
0
December 27th, 2021 22:00
Download SupportAssist Enterprise 2.0.80
<ADMIN NOTE: Broken link has been removed from this post by Dell>