Do Any Clear-Com Products Run Log4j or HP iLO

Owned by ernie addow, created
Last updated: Dec 11, 2023 by KARI EYTHORSSON
1 min read

Can you confirm if any Clear-Com products are impacted from the CVE-2021-44228?

Does Clear Com LQ 4.2.7.0 run any Java and does it use Log4J (see wiki : Log4j / Log4Shell )

Answer :

As of Dec 14, 2021

Clear-Com Engineering can confirm that NO products within the entire product family are affected by this CVE as they do not run log4j. This includes Clear-Com’s EHX software, CCM, Agent-IC, Station-IC, Trilogy Mercury Core, Trilogy ES Software and Trilogy Mentor.

 

Note: Some scanner tools do errendously flag LQ running HP iLO Integrated Lights-out which is a proprietary management technology built into HPE products that allows for remote control access to ProLiant servers, even without being connected to the organization's main network, the origin of the “Lights Out” designation. CVE-2017-12542

 

CAN'T FIND YOUR ANSWER? CLICK HERE TO CONTACT SUPPORT

This solution was provided to you by Clear-Com via a question submitted to us by customers like you. If your question wasn’t answered, you need help or you have a recommended solution for our database, please send us an email at support@clearcom.com

The information on this page is owned by Clear-Com and constitutes Clear-Com’s confidential and proprietary information, may be used solely for purposes related to the furtherance of Clear-Com’ business and shall not be disclosed, distributed, copied or disseminated without Clear-Com’s prior written consent. Click Here for Clear-Com's privacy statement.