WDC Tracking Number: WDC-21016
Product Line: Multiple Products and Services
Published: December 13, 2021
Last Updated: December 16, 2021
Western Digital is aware of a high severity vulnerability (CVE-2021-44228) impacting multiple versions of the Apache Log4j 2 utility that was disclosed publicly via the project’s GitHub on December 9, 2021.
We are actively assessing our supported products and services for potential impact of this vulnerability. As necessary, we will post updates to this bulletin.
The Western Digital software, firmware, and hardware on the following supported products are unaffected:
We continue to investigate our products and services and ask for patience from you, our customers, while we work through this issue.
CVE Number: CVE-2021-44228, CVE-2021-45046