CVE-2026-34478 Apache Log4j Vulnerability in NetApp Products
Summary
Apache Log4j versions 2.21.0 through 2.25.3 and 3.0.0-alpha1 through 3.0.0-beta3 are susceptible to a vulnerability which when successfully exploited could lead to addition or modification of data. Successful exploitation of this vulnerability could lead to addition or modification of data. Affected products: Data Infrastructure Insights and Data Secure Storage Workload Security Agent. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
- 2.21.0
- 2.25.3
- 3.0.0
Official advisory · high-confidence parse· fetched 3 hours ago·verify at source
Mitigation
The vendor states no workaround or mitigation is currently available. Prioritize upgrading to a fixed release, and follow the official advisory for interim guidance.
Official advisory · high-confidence parse· fetched 3 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.