Pure Responds to Log4j Vulnerability

Pure Storage is working diligently to protect our customers, products, and partner ecosystem from the impact of the Log4j/Log4Shell vulnerabilities. 

We have evaluated the impact of the issues across all our products and have completed an assessment of these vulnerabilities.

To remediate the Log4j/Log4Shell issues on all Pure products, Pure is providing both security patch availability and fixed software versions to customers via a variety of methods to best meet customers’ needs and schedules.

A self-service, online, non-disruptive patch to address the Log4j/ Log4Shell CVE-2021-44228 vulnerability is NOW AVAILABLE to be delivered via Pure1 for specified versions. Click HERE for more details in Pure’s continuously updated security advisory. Additionally, we recommend network security best practices that minimize the risk of compromise due to these vulnerabilities.  

Pure teams are monitoring the evolving information around these issues, adapting as conditions change and determining the best possible resolution options for our customers.