/
Do Any Clear-Com Products Run Log4j or HP iLO

Do Any Clear-Com Products Run Log4j or HP iLO

Can you confirm if any Clear-Com products are impacted from the CVE-2021-44228?

Does Clear Com LQ 4.2.7.0 run any Java and does it use Log4J (see wiki : Log4j / Log4Shell )

Answer :

As of Dec 14, 2021

Clear-Com Engineering can confirm that NO products within the entire product family are affected by this CVE as they do not run log4j. This includes Clear-Com’s EHX software, CCM, Agent-IC, Station-IC, Trilogy Mercury Core, Trilogy ES Software and Trilogy Mentor.

 

Note: Some scanner tools do errendously flag LQ running HP iLO Integrated Lights-out which is a proprietary management technology built into HPE products that allows for remote control access to ProLiant servers, even without being connected to the organization's main network, the origin of the “Lights Out” designation. CVE-2017-12542

 

CAN'T FIND YOUR ANSWER? CLICK HERE TO CONTACT SUPPORT

This solution was provided by Clear-Com via a question submitted to us by customers like you. If you wish to share with us a new solution or update an old one, please follow this link..

The information on this page is owned by Clear-Com and constitutes Clear-Com’s confidential and proprietary information, may be used solely for purposes related to the furtherance of Clear-Com’ business and shall not be disclosed, distributed, copied or disseminated without Clear-Com’s prior written consent. Click Here for Clear-Com's privacy statement.