Log4j - RUCKUS Technical Support Response Center

This page is the primary resource for CommScope RUCKUS customers and partners to address the Log4j java library (aka Log4Shell, Log4j2) security vulnerability. This page acts as a central home for support links and content to provide more information about the vulnerability, and other technical resources to assist you with the response to the Log4j vulnerability.

Security Bulletin, FAQs, and Knowledge Base

Log4j Technical Resources

RUCKUS Resources

Industry Technical Response and Communications

Log4j Security Patch Release Schedules - last updated 16 December 2021

Platform Software
Release
Target/Delivered Patch Release Date Product Vulnerable? Comments

Please review the Release Notes on the RUCKUS Support Portal for specific release build numbers.

SmartZone and
Virtual SmartZone
6.1
Not ApplicableNo

6.0.017 December 2021
Yes
  • KSP resolves CVE-2021-44228 and CVE-2021-45046
  • SZ/vSZ not vulnerable to CVE-2021-45105 or CVE-2021-44832 
5.2.X Upgrade23 December 2021 Yes
  • For reapplying log4j KSP when upgrading between 5.2.X releases. Example: 5.2.2 GA to 5.2.2 MR1
  • KSP resolves CVE-2021-44228 and CVE-2021-45046
  • SZ/vSZ not vulnerable to CVE-2021-45105 or CVE-2021-44832 
5.2.2 MR1
17 December 2021Yes
  • KSP resolves CVE-2021-44228 and CVE-2021-45046
  • SZ/vSZ not vulnerable to CVE-2021-45105 or CVE-2021-44832 
  •  
5.2.2
17 December 2021 Yes
  • KSP resolves CVE-2021-44228 and CVE-2021-45046
  • SZ/vSZ not vulnerable to CVE-2021-45105 or CVE-2021-44832 
5.2.1
17 December 2021Yes
  • KSP resolves CVE-2021-44228 and CVE-2021-45046
  • SZ/vSZ not vulnerable to CVE-2021-45105 or CVE-2021-44832 
5.2.0
17 December 2021Yes
  • KSP resolves CVE-2021-44228 and CVE-2021-45046
  • SZ/vSZ not vulnerable to CVE-2021-45105 or CVE-2021-44832 
5.0.X and 5.1.X Upgrade
23 December 2021 
Yes
  • For reapplying log4j KSP when upgrading between 5.0.X and 5.1.X releases. Example: 5.0.0.0.675 to 5.1.1.0.598 or 5.1.1.0.598 to 5.1.2.0.302
  • KSP resolves CVE-2021-44228 and CVE-2021-45046
  • SZ/vSZ not vulnerable to CVE-2021-45105 or CVE-2021-44832  
5.1.2
17 December 2021Yes
  • KSP resolves CVE-2021-44228 and CVE-2021-45046
  • SZ/vSZ not vulnerable to CVE-2021-45105 or CVE-2021-44832
5.1.1
17 December 2021Yes
  • KSP resolves CVE-2021-44228 and CVE-2021-45046
  • SZ/vSZ not vulnerable to CVE-2021-45105 
5.1.0
17 December 2021Yes
  • KSP resolves CVE-2021-44228 and CVE-2021-45046
  • SZ/vSZ not vulnerable to CVE-2021-45105 or CVE-2021-44832 
5.0.0
17 December 2021Yes
  • KSP resolves CVE-2021-44228 and CVE-2021-45046
  • SZ/vSZ not vulnerable to CVE-2021-45105 or CVE-2021-44832 
3.6.2
Not Applicable No
3.4.2
Not Applicable No
ZoneDirectorAll versions
Not ApplicableNo

CloudpathAll versionsNot ApplicableNo

RUCKUS Network Director (RND)
3.0 and earlier versionsNot ApplicableNo

Unleashed
All versions
Not ApplicableNo
Including Unleashed APs
SPoT/vSPoT
All versionsNot ApplicableNo

SmartZone Data Plane and Virtual SmartZone Data Plane
All versions
Not ApplicableNo

RUCKUS Analytics
All versions
18 December 2021
Yes
  • No action required.  Patches in production on release date
  • Not vulnerable to CVE-2021-45105 or CVE-2021-44832 
MobileApps
All versionsNot ApplicableNo
  • Ruckus cloud app not vulnerable to 
  • Swipe, SPoT, Speedflex, Unleashed apps use android and not impacted
RUCKUS LTE (CBRS)
All versionsTBDUnder AssessmentIncluding LTE APs
ICX Switches
All versions Not ApplicableNo

FlexMaster
9.13.1
29 December 2021
Yes
  • Update can be applied to resolve UMM 2.0 through UMM 2.5 and FM 9.13.1
  • Please open case with TAC to apply mitigation script
  • Not venerable to CVE-2021-44832
Access Points  - Indoor and Outdoor
All versions  Not ApplicableNo

IoTAll versionsTBDUnder Assessment
  • Flexera Embedded is vulnerable. Waiting for fix from vendor
RUCKUS Cloud 21.11  20 December 2021 Yes
  • No action required.  Patches will update into production on release date.
  • CVE-2021-44228 resolved
  • Not vulnerable to CVE-2021-45046, CVE-2021-45105 and CVE-2021-44832
SCI SCI (Cloud)
16 December 2021 Yes
  • No action required.  Patches will update into production on release date
  • CVE-2021-44228 and CVE-2021-44832 resolved
  • Not vulnerable to CVE-2021-45046 and CVE-2021-45105
SCI (on-prem), versions: 5.3.1, v5.4.2 and v5.5.x
20 December 2021 Yes
  • Mitigation steps are provided in KBA #10215 
  • Resolves CVE-2021-44228, CVE-2021-45046 and CVE-2021-44832
  • SCI not vulnerable to CVE-2021-45105 
Unleashed Multi-Site Manager (UMM) 2.6 January 2022 No
  • Expected GA mid Jan 2022
  • Not vulnerable to CVE-2021-44832 
2.0 through 2.5 29 December 2021 Yes
  • Update can be applied to resolve UMM 2.0 through UMM 2.5 and FM 9.13.1
  • Please open case with TAC to apply mitigation script
  • Not vulnerable to CVE-2021-44832 
RUCKUS SmartZone (FIPS) and
Virtual SmartZone (FIPS)
5.2.1.3  17 December 2021
Yes
  • KSP resolves CVE-2021-44228 and CVE-2021-45046
  • SZ/vSZ not vulnerable to CVE-2021-45105 or CVE-2021-44832 
5.1.2.3

24 December 2021  
Yes
  • KSP resolves CVE-2021-44228 and CVE-2021-45046
  • SZ/vSZ not vulnerable to CVE-2021-45105 or CVE-2021-44832 

Working...Please wait

This is here to prevent you from accidentally submitting twice.

The page will automatically refresh.