Data Protector log4j vulnerability

Is there any solution for fixing this critical issue ?

Parents
  • hi,

    only version 10.20, 10,30 10,40 need intall some files, need to open case to request the file,and versions  10.50, 10.60, 10.70, 10.80, 10.90, 10.91 and 11.00 is only add one varible.

    Windows:

    1. Stop the reporting server if running, using the following command

    sc.exe stop rs_rest-as

    1. Stop the telemetry service if running, using the following command.

    sc.exe stop "Data Protector Telemetry Client Service"

    1. Add environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS using the following command.

    setx /m LOG4J_FORMAT_MSG_NO_LOOKUPS true

    1. Start the telemetry service if stopped in step 2 using the following command

    sc.exe start "Data Protector Telemetry Client Service"

    1. Start the reporting server if stopped in step1 using the following command.

    sc.exe start rs_rest-as

    Linux:

    1. Stop the reporting server if running, using the following command

    /etc/init.d/rs_rest-as stop

    1. Stop the telemetry service if running, using the following command.

    /opt/omni/bin/telemetry/dataprotector-telemetry-client-service.sh stop

    1. Add environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS using the following procedure.
    2. Create a file /etc/profile.d/dp.sh with the content “export LOG4J_FORMAT_MSG_NO_LOOKUPS=true”
    3. Run “export LOG4J_FORMAT_MSG_NO_LOOKUPS=true”
    4. Start the telemetry service if stopped in step 2 using the following command

    /opt/omni/bin/telemetry/dataprotector-telemetry-client-service.sh start

    1. Start the reporting server if stopped in step1 using the following command.

    /etc/init.d/rs_rest-as start

Reply
  • hi,

    only version 10.20, 10,30 10,40 need intall some files, need to open case to request the file,and versions  10.50, 10.60, 10.70, 10.80, 10.90, 10.91 and 11.00 is only add one varible.

    Windows:

    1. Stop the reporting server if running, using the following command

    sc.exe stop rs_rest-as

    1. Stop the telemetry service if running, using the following command.

    sc.exe stop "Data Protector Telemetry Client Service"

    1. Add environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS using the following command.

    setx /m LOG4J_FORMAT_MSG_NO_LOOKUPS true

    1. Start the telemetry service if stopped in step 2 using the following command

    sc.exe start "Data Protector Telemetry Client Service"

    1. Start the reporting server if stopped in step1 using the following command.

    sc.exe start rs_rest-as

    Linux:

    1. Stop the reporting server if running, using the following command

    /etc/init.d/rs_rest-as stop

    1. Stop the telemetry service if running, using the following command.

    /opt/omni/bin/telemetry/dataprotector-telemetry-client-service.sh stop

    1. Add environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS using the following procedure.
    2. Create a file /etc/profile.d/dp.sh with the content “export LOG4J_FORMAT_MSG_NO_LOOKUPS=true”
    3. Run “export LOG4J_FORMAT_MSG_NO_LOOKUPS=true”
    4. Start the telemetry service if stopped in step 2 using the following command

    /opt/omni/bin/telemetry/dataprotector-telemetry-client-service.sh start

    1. Start the reporting server if stopped in step1 using the following command.

    /etc/init.d/rs_rest-as start

Children
No Data