Log4J Vulnerability – CVE-2021-44228 (https://nvd.nist.gov/vuln/detail/CVE-2021-44228)
To fix this issue please follow the steps below. All ArkCase versions 2021.02.28 and before are affected by this vulnerability. If you are using a newer version of ArkCase, then nothing needs to be done.
Note: This fix will require a Solr and ArkCase restart. Please make sure you back up both setenv.sh and solr.in.sh files before making these changes.
- Log into the server via ssh
- Switch the user to root
- sudo su
- Stop ArkCase service
- systemctl stop arkcase
- Stop Solr service
- systemctl stop solr
- Navigate to /opt/app/arkcase/app/arkcase/bin or /opt/arkcase/app/arkcase/bin
- Make backup of the setenv.sh
- cp setenv.sh setenv.sh.BACKUP
- Open the setenv.sh file
- Find the following string:
- export JAVA_OPTS=”-Djava.net.preferIPv4Stack=true –
- Add -Dlog4j.formatMsgNoLookups=true before closing the quotes
- Navigate to /opt/app/arkcase/app/solr/bin or /opt/arkcase/app/arkcase/bin
- Make a backup of the solr.in.sh file
- cp solr.in.sh solr.in.sh.BACKUP
- Find the following string
- SOLR_OPTS=”$SOLR_OPTS -Dcom.sun.management.jmxremote –
- Add -Dlog4j.formatMsgNoLookups=true before closing the quotes
- Start solr by running the following command
- systemctl start solr
- Start arkcase by running the following command
- systemctl start arkcase
Recent Comments