Published under Category : Network Attached Storage

QNAP Core OS and Apps are not affected by log4j vulnerability but you may still be vulnerable

Many QNAP owners have asked us for information about the Log4j vulnerability, whether it affects QNAP devices, and what they can do to protect themselves.

QNAP does not have just one OS - they have 3 - the oldest QTS, the Enterprise QES and the new QTS Hero. All 3 OS are not affected by the Log4j vulnerability.

Qnap has also confirmed that their core apps are not vulnerable to Log4j, so the QNAP core OS and the apps are secure.

Third-party apps, virtualized apps, or Docker apps could still be vulnerable. QNAP has disabled many apps in the App Store that were vulnerable, but not all are disabled. For example, if you have a Docker app installed, QNAP cannot disable it.

If you are concerned about this - Perform an app audit - make a list of all the apps you use and check if any of them use log4j. Remove, disable or patch the app that you are not using or that is vulnerable.


About Author : Akash Jain

I have worked in Data Storage Industry since 1998. I loves Technology and write often about NAS, Hard drives, Tapes and Flash technologies

FREE Delivery in UAE

Including Dubai, Abu Dhabi and Sharjah

NAS Experts

QNAP , Synology Top Sub Distributor and Service Partners in UAE

TOP Integrator

Second time Winner of GEC Awards in Data Storage Category UAE

Honest and Credible

4.8+ Star Google rating. Thousands of satisfied customers in UAE