Welcome to Dell Technologies, data protection advisor How to video series MCDPA security update for Apache log forge a remote code execution vulnerability reference dellow article number 194651.
This video was created to demonstrate how to mitigate log for a vulnerability. This video demonstrates log four J vulnerability mitigation using log presso tool for windows and Linux DP A hosts.
If your version of data protection advisor is affected by the vulnerability, DELL recommends implementing this remediation as soon as possible in light of the critical severity of the vulnerability, make sure you have administrator or root access to DP A hosts.
Download the latest version of the log presso tool from the given link in place the extracted file in the system temp directory, log into the DPA host as root user and navigate to slash 10th directory.
Locate the downloaded file in extract using tower hyphen XVF command provide execute permissions to log four J two scan file by running the following command CH mod 755, stop the DP A services before executing the scan to stop the services on DP A application server host and data store server host, locate DP A installation directory and navigate to DP A slash services slash bin and run DPAS BC.
Stop command note to stop the agent services on stand alone remote proxy agent, locate agent installation directory and navigate to DP A slash agent slash etc and run DP A stop command. After all the DP A services are stopped, run the following command slash T slash log four J two scan hyphen hyphen fix followed by the DP A installation directory. Enter Y the scan is now running, the scan will detect the log for J vulnerability and automatically applies the fix.
This process may take a few minutes after the scan completes and the fix is applied. Start the DP A services to verify the fix. Run the following command slash T slash log four J two scan followed by the DP install directory. This will list the vulnerable files that was present which are now mitigated.
The process remains the same for Windows hosts except slight changes in the commands. After the file is downloaded and extracted. Stop the DP A services after the services are stopped. Navigate to temp directory and run the command log four J two scan dot exe hyphen hyphen fix followed by DP A install directory after the scan completes and the fix is applied, start the DP A services and verify the fix note, ensure to perform the steps on the DP A hosts and all the remote agent host to stop the agent services on remote proxy host.
Locate to DP A agent installation directory and navigate to DP A slash agent slash CTC and run the command DP A stop for more information, refer Dellow article number 194651 or contact the E MC technical support team.
Thank you for watching.