Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8072
Views
70
Helpful
19
Replies

CSCwa47133 - Evaluation log4j CVE-2021-44228

Evelyn Riha
Level 1
Level 1

‎12-13-2021 04:52 AM

Are there any checks or verifications known to see if ISE was not infiltrated by someone using log4j?

8 people had this problem
Labels:
19 Replies 19

othydojo
Level 1
Level 1
In response to AnilKumar95946

‎12-17-2021 09:28 AM

I was encountering the same issue. Turns out when I first downloaded the file it was 20KB, tried again it was 5KB. It could be that the hot-fix that was downloaded was corrupted somehow. Re-download the hot-fix and try again, that worked for me.

 

Gwendolyn Lapasky
Level 1
Level 1

‎12-17-2021 07:17 AM

Hello -

 

We successfully applied the hot fix ise-apply-CSCwa47133_Ver_24_30_allpatches-SPA.tar.gz  to our ISE nodes last night.

Our Risk Management team is asking for the version of log4j that is now installed.

Can you please verify what version we're now running?

0 Helpful

Tobias Moritz
Level 1
Level 1
In response to Gwendolyn Lapasky

‎12-20-2021 02:54 AM

@Gwendolyn Lapasky: The hotfix ise-apply-CSCwa47133_Ver_24_30_allpatches-SPA.tar.gz does not change the log4j version. The developers just removed the JndiLookup.class from the jar file.

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame

‎12-17-2021 04:29 PM - edited ‎12-17-2021 04:29 PM

ISE 3.1 patch 1 can be found HERE.

ISE 3.1 patch 1 Release Notes can be found HERE.

NOTE:  Applying patch 1 will restart the services.  

0 Helpful

access.cs1
Level 1
Level 1

‎12-27-2021 02:09 AM

Still no guidelines to verify for exploit ?

0 Helpful
Customers Also Viewed These Support Documents