{"id":6436,"date":"2021-12-17T03:24:42","date_gmt":"2021-12-17T03:24:42","guid":{"rendered":"https:\/\/www.geekdecoder.com\/?p=6436"},"modified":"2021-12-17T03:24:42","modified_gmt":"2021-12-17T03:24:42","slug":"apachesolr-vulnerability-cve-2021-44228-for-log4j","status":"publish","type":"post","link":"https:\/\/www.qbytes.cloud\/index.php\/2021\/12\/17\/apachesolr-vulnerability-cve-2021-44228-for-log4j\/","title":{"rendered":"ApacheSolr vulnerability CVE-2021-44228 for Log4j"},"content":{"rendered":"

A vulnerability in Apache Log4j, a widely used logging package for Java has been found. The vulnerability, which can allow an attacker to execute arbitrary code by sending crafted log messages, has been identified as CVE-2021-44228 and given the name Log4Shell. It was first reported privately to Apache on November 24 and was patched with version 2.15.0 of Log4j on December 9. It affects Apache Struts, Apache Solr, Apache Druid, Elasticsearch, Apache Dubbo, and VMware vCenter. Since then, it has been disclosed that in certain non-default conditions, the original patch was incomplete; this was designated as CVE-2021-45046 and a new version of Log4j, 2.16.0, has been released.<\/p>\n

<\/p>\n

Obtaining the Mitigation for CVE-2021-44228 For cPanel<\/p>\n

You can run a cPanel Update which will update the cpanel-dovecot-solr RPM for you:
\nHow to update cPanel\/WHM<\/p>\n

To update cPanel & WHM manually, use WHM\u2019s Upgrade to Latest Version interface (WHM >> Home >> cPanel >> Upgrade to Latest Version).
\nFor command line:<\/p>\n

To run this script on the command line, use the following format:<\/p>\n

\n\/usr\/local\/cpanel\/scripts\/upcp [options]\n<\/pre>\n
Alternatively you could update just the cpanel-dovecot-solr RPM via YUM as the root user with the following command:<\/p>\n
\nyum update cpanel-dovecot-solr\n<\/pre>\n
If you previously uninstalled cPanel Solr, you may install it again with the steps in this guide
\nHow to Install cPanel Solr<\/p>\n
Verifying That You Have The Mitigation In Place<\/p>\n
1. Login to the server via SSH or Terminal as the root user
\n2. Issue the following command:<\/p>\n
\nrpm -q --changelog cpanel-dovecot-solr | grep -B1 CPANEL-39455\n<\/pre>\n
If the mitigation has been successfully added to your server you will see the following output:
\nCode:<\/p>\n
\n# rpm -q --changelog cpanel-dovecot-solr | grep -B1 CPANEL-39455\n* Fri Dec 10 2021 Tim Mullin <tim@cpanel.net> -  8.8.2-4.cp1180\n- CPANEL-39455: Add mitigation for CVE-2021-44228\n<\/pre>\n
For non cPanel Servers
\nhttps:\/\/github.com\/lunasec-io\/lunasec\/releases\/
\nhttps:\/\/github.com\/rubo77\/log4j_checker_beta\/blob\/main\/README.md
\nhttps:\/\/logging.apache.org\/log4j\/2.x\/download.html<\/p>\n
Resources:<\/p>\n
https:\/\/support.cpanel.net\/hc\/en-us\/articles\/4415775520919-ApacheSolr-vulnerability-CVE-2021-44228-for-Log4j<\/p>\n
The Apache Log4j exploit and how to protect your cPanel server<\/a><\/p><\/blockquote>\n