Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2019
Views
25
Helpful
5
Replies

What does ise-apply-CSCwa47133_Ver_24_30_allpatches-SPA.tar patch do?

Go to solution
Noah L
Level 1
Level 1

‎01-05-2022 06:38 PM

What does ise-apply-CSCwa47133_Ver_24_30_allpatches-SPA.tar patch exactly do to address log4j vulnerability?
Does someone have documentation on it as the cisco provided one only contains the installation steps.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marcelo Morais
VIP
VIP

‎01-06-2022 05:15 AM

Hi @Noah L ,

 please take a look at the following info during the Hot Patch installation:

ise/admin# application install ise-apply-CSCwa47133_Ver_24_30_allpatches-SPA.tar.gz LOCAL
...
Taking backup of file /opt/CSCOcpm/elasticsearch/lib/log4j-core-*.jar
...
Removing the vulnerable class file JndiLookup.class from log4j-core
...

 

Hope this helps !!!

View solution in original post

5 Replies 5

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame

‎01-05-2022 06:49 PM

@Noah L wrote:

What does ise-apply-CSCwa47133_Ver_24_30_allpatches-SPA.tar patch exactly do to address log4j vulnerability?
Does someone have documentation on it as the cisco provided one only contains the installation steps.

Release Notes for Log4j2-fix-2.4-3.0

0 Helpful

Go to solution
Noah L
Level 1
Level 1
In response to Leo Laohoo

‎01-05-2022 06:53 PM

Hi Leo,

 

Thanks for responding. Unfortunately this is the one im referring to "cisco provided one only contains the installation steps".

I would like to know what does the patch actually do on fixing the log4j vulnerability.

0 Helpful

Go to solution
Leo Laohoo
Hall of Fame
Hall of Fame
In response to Noah L

‎01-05-2022 07:23 PM

@Noah L wrote:

I would like to know what does the patch actually do on fixing the log4j vulnerability.

Raise a TAC Case.

Go to solution
Marcelo Morais
VIP
VIP

‎01-06-2022 05:15 AM

Hi @Noah L ,

 please take a look at the following info during the Hot Patch installation:

ise/admin# application install ise-apply-CSCwa47133_Ver_24_30_allpatches-SPA.tar.gz LOCAL
...
Taking backup of file /opt/CSCOcpm/elasticsearch/lib/log4j-core-*.jar
...
Removing the vulnerable class file JndiLookup.class from log4j-core
...

 

Hope this helps !!!

Go to solution
Noah L
Level 1
Level 1
In response to Marcelo Morais

‎01-06-2022 06:01 PM

Thank you!

0 Helpful
Customers Also Viewed These Support Documents