Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Log4J - you probably need to patch.

Status
Not open for further replies.
Sort by date Sort by votes
SBCE patches are out too, and most of those are internet facing.

No patch for AADS yet though(8.0.1 and above), and that's internet facing.

These two things have been my biggest initial concern.

New England Communications
 
Upvote 0 Downvote
Avaya has patches for critical internet facing components for Remote Worker including ASBCE 8.1.3, AADS 8.1.4.1 (new binary), and Session Manager 8.1.3 (although I've asked about proof on this one).

I would not run remote worker without the patches in place. I have been seeing hacking attempts from Russia, the Ukraine, and Germany(a redirect from Russia) over the past 2 weeks. I expect US based hosted solution provider attacks are also happening. I would also strongly suggest eliminating any outbound internet capability from AADS and Session Manager at this time.
 
Upvote 0 Downvote
SMGR patch and SM patch done in my lab. Seem to be fine so far.
 
Upvote 0 Downvote
Yeah. standalone 8.1.2 and EMS+HA SBC on 8.0.1 and 8.1.2

No complaints.

 
Upvote 0 Downvote
Did 8.1.3 SMGR's, SM's, EMS+HA SBC's on Sunday, no issues.

-CL
 
Upvote 0 Downvote
The AAMS patch they made to be applied via the GUI works pretty nicely. You just have to be on SP 8 to apply it.
 
Upvote 0 Downvote
Just making sure everybody saw that Avaya released a V2 of the log4j patches around 12/22. Looks like they may have missed something in their 1st attempt at a patch.

-CL
 
Upvote 0 Downvote
If you patched on or before 12/22 you probably have to patch again. There was a third log4j vulnerability found.
 
Upvote 0 Downvote
Has anyone patched Session Manager with log4j and after data replication is no longer working?
 
Upvote 0 Downvote
Patched 5 ASM's and had no issues with data replication so far (a week later).
 
Upvote 0 Downvote
Thanks for the reply. I patched 5 as well but 2 have data replication problems. I have an Avaya SR opened but no fix as of yet.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

JustinMB
  • Locked
  • Question
Need old FW for 9611G or need to bypass minimum FW requirements on upgrade.
Replies
0
Views
204
JustinMB
JustinMB
Craft01
  • Locked
  • Question
Removing patch Status stuck at "deactivating" 1
Replies
3
Views
155
JefferP
JefferP
Real_Anduril
  • Locked
  • Question
Reason Codes : Can you disable unnamed reason codes?
Replies
1
Views
158
SoftwareRT
SoftwareRT
km9v
  • Locked
  • Question
What headsets are you using?
Replies
3
Views
217
Mestapho
Mestapho
Spookytooth
  • Locked
  • Question
Export CM 6.3 patch from active duplex server
Replies
4
Views
118
RedTech443
RedTech443

Part and Inventory Search

Sponsor

Back
Top