ELA - Workaround for the latest Log4j vulnerabilities (CVE-2021-44228 & CVE-2021-45046)


Follow the steps below to mitigate the vulnerabilities CVE-2021-44228 and CVE-2021-45046 on EventLog Analyzer.

1. Download and unzip the jar files from the patch below.

For EventLog Analyzer:
2. Stop the EventLog Analyzer service.
3. Stop the Log360 service if it is running (skip this step if Log360 is not installed).
4. Open an administrator command prompt and navigate to the following locations:
      ·<Installation dir>/Eventlog Analyzer/ES/bin
            run the stopES.bat file
      ·<Installation dir>/elasticsearch/ES/bin (skip if the location does not exist)
            run the stopES.bat file
5. Place all 3 jars from the patch in the following folders:
      ·<Installation dir>/Eventlog Analyzer/ES/lib
      ·<Installation dir>/elasticsearch/ES/lib (skip if the location does not exist)
6. Delete the following files from both <Eventlog Analyzer>/ES/lib and <Installation dir>/elasticsearch/ES/lib (skip if the location does not exist):
      log4j-1.2-api-2.9.1.jar or log4j-1.2-api-2.15.0.jar
      log4j-api-2.9.1.jar or log4j-api-2.15.0.jar
      log4j-core-2.9.1.jar or log4j-core-2.15.0.jar
7. Start the EventLog Analyzer service.
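
A post-change check for steps 5 and 6, as an added PowerShell example that is not ManageEngine's own tooling: for each ES/lib folder it reports any log4j jar from the delete list that is still present, and whether each of the three artifacts has exactly one replacement. The `-InstallDir` parameter and the function name `Test-Log4jLib` are assumptions introduced here; the two relative paths and the version numbers come from the steps above.

```powershell
# Added verification example; not ManageEngine code.
param(
    # Assumption: the caller supplies the real <Installation dir>.
    [Parameter(Mandatory)][string]$InstallDir
)

$artifacts   = 'log4j-1.2-api', 'log4j-api', 'log4j-core'
$oldVersions = '2.9.1', '2.15.0'   # versions step 6 says to delete
$pattern     = '^(log4j-1\.2-api|log4j-api|log4j-core)-(\d+(?:\.\d+)+)\.jar$'

function Test-Log4jLib {
    param([string]$LibDir)
    if (-not (Test-Path -LiteralPath $LibDir -PathType Container)) {
        # The article says to skip a location that does not exist.
        return [pscustomobject]@{ LibDir = $LibDir; Status = 'SKIPPED'; Detail = 'folder not present' }
    }
    # Map each artifact name to the versions found on disk.
    $found = @{}
    foreach ($a in $artifacts) { $found[$a] = @() }
    foreach ($jar in Get-ChildItem -LiteralPath $LibDir -Filter 'log4j-*.jar' -File) {
        if ($jar.Name -match $pattern) { $found[$Matches[1]] += $Matches[2] }
    }
    $problems = @()
    foreach ($a in $artifacts) {
        $old = @($found[$a] | Where-Object { $oldVersions -contains $_ })
        $new = @($found[$a] | Where-Object { $oldVersions -notcontains $_ })
        if ($old.Count)       { $problems += "${a}: version $($old -join ', ') not deleted (step 6)" }
        if ($new.Count -eq 0) { $problems += "${a}: no replacement jar (step 5)" }
        if ($new.Count -gt 1) { $problems += "${a}: several versions present ($($new -join ', '))" }
    }
    $status = if ($problems.Count) { 'FAIL' } else { 'OK' }
    [pscustomobject]@{ LibDir = $LibDir; Status = $status; Detail = ($problems -join '; ') }
}

# Check both lib folders named in steps 5 and 6.
$results = foreach ($rel in 'Eventlog Analyzer\ES\lib', 'elasticsearch\ES\lib') {
    Test-Log4jLib -LibDir (Join-Path $InstallDir $rel)
}
$results | Format-Table -AutoSize -Wrap
if ($results.Status -contains 'FAIL') { exit 1 }
```

Run it before step 7, so the service is started only once both folders report OK or SKIPPED.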
