01-05-2022 06:38 PM
What does ise-apply-CSCwa47133_Ver_24_30_allpatches-SPA.tar patch exactly do to address log4j vulnerability?
Does someone have documentation on it as the cisco provided one only contains the installation steps.
Solved! Go to Solution.
01-06-2022 05:15 AM
Hi @Noah L ,
please take a look at the following info during the Hot Patch installation:
ise/admin# application install ise-apply-CSCwa47133_Ver_24_30_allpatches-SPA.tar.gz LOCAL
...
Taking backup of file /opt/CSCOcpm/elasticsearch/lib/log4j-core-*.jar
...
Removing the vulnerable class file JndiLookup.class from log4j-core
...
Hope this helps !!!
01-05-2022 06:49 PM
@Noah L wrote:
What does ise-apply-CSCwa47133_Ver_24_30_allpatches-SPA.tar patch exactly do to address log4j vulnerability?
Does someone have documentation on it as the cisco provided one only contains the installation steps.
01-05-2022 06:53 PM
Hi Leo,
Thanks for responding. Unfortunately this is the one im referring to "cisco provided one only contains the installation steps".
I would like to know what does the patch actually do on fixing the log4j vulnerability.
01-05-2022 07:23 PM
@Noah L wrote:
I would like to know what does the patch actually do on fixing the log4j vulnerability.
Raise a TAC Case.
01-06-2022 05:15 AM
Hi @Noah L ,
please take a look at the following info during the Hot Patch installation:
ise/admin# application install ise-apply-CSCwa47133_Ver_24_30_allpatches-SPA.tar.gz LOCAL
...
Taking backup of file /opt/CSCOcpm/elasticsearch/lib/log4j-core-*.jar
...
Removing the vulnerable class file JndiLookup.class from log4j-core
...
Hope this helps !!!
01-06-2022 06:01 PM
Thank you!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide