This article addresses the status of the KACE SMA and KACE SDA Appliances in regards to the Apache Log4j2 Zero-Day exploit identified under CVE-2021-44228. For more details regarding the Apache Log4j2 vulnerability, refer to Fixed in Log4j 2.15.0 section of the Apache Log4j Security Vulnerabilities page.
It has been confirmed that the Apache Log4j2 Zero-Day exploit identified by CVE-2021-44228 does not impact the KACE SMA and KACE SDA appliances.
Quest recommends that all customers ensure they are running a supported version. The supported versions are not affected by Log4j vulnerability (CVE-2021-44228).
For any questions or assistance on this topic please contact our Tech Support.