Hello All,
We have two Drobo5N devices that serve as backup storage for our file server. Corporate IT has told us that the D5N’s are showing up as having the “Samba Badlock Vulnerability”. I have upgraded the firmware and dashboard, but it did not help.
Can anyone else confirm that their Drobo 5N’s have this vulnerability? Or that you have run across this issue? Any solutions?
Thanks for your time,
Firmware: 3.5.11[8.90.81921]
Dashboard: 2.8.1[80644]
Windows Server 2008 R2 Standard
We have a build with the fix going through qualification so we should have an update available in the coming weeks.
I would point out though that “BadLock” is a man in the middle attack so unless you are exposing your shares directly to the Internet, i.e. no VPN, then the risk is low. In other words, an attacker would need to be on your LAN to take advantage of the exploit.