Data Protection Advisor: Manual remediation for Log4j vulnerabilities-Windows commands only (CVE-2021-44228 and CVE-2021-45046)
요약: This article provides instructions for manual remediation of a DPA Agent running on a Microsoft Windows node that is affected by the Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046). ...
이 문서는 다음에 적용됩니다.
이 문서는 다음에 적용되지 않습니다.
이 문서는 특정 제품과 관련이 없습니다.
모든 제품 버전이 이 문서에 나와 있는 것은 아닙니다.
지침
These instructions require only Windows native commands, access to the server (for example, Remote Desktop), and Windows Explorer.
These instructions can be applied to any type of Windows DPA installation including the DPA Application, DPA Datastore, and Standalone DPA Agent (installed alone on a server or on another type of application server).
See the linked Dell Security Advisory for more information about the Apache Log4j vulnerabilities: For questions or assistance with these instructions, contact Dell Technical Support.
Steps for manual remediation:
Note:
For questions or assistance with these instructions, contact Dell Technical Support.
These instructions can be applied to any type of Windows DPA installation including the DPA Application, DPA Datastore, and Standalone DPA Agent (installed alone on a server or on another type of application server).
See the linked Dell Security Advisory for more information about the Apache Log4j vulnerabilities: For questions or assistance with these instructions, contact Dell Technical Support.
Steps for manual remediation:
Note:
- Windows Administrator privileges and access is required.
- No external utilities are required for these steps.
- Stop the DPA Agent service. Do this by using the Windows Services snap-in or from the command line using the Windows PowerShell.
From the Windows PowerShell window, if this is an Agent installation on the DPA Application or DPA Datastore, the command is:
dpa agent stop
From the Windows PowerShell window, if this is a Standalone DPA Agent installation the command is:
<dpa agent install path>\dpa stop
Example:
C:\Program Files\EMC\DPA\agent\etc\dpa stop
- Open a Windows Explorer window. Go to the <dpa_installation_path>\agent\lib directory.
- For each of the six .jar files below, make a backup copy of the .jar file. Copy and rename with _bak extension or something similar (Example is demonstrated with one of the files).
- Change the .jar file extension from .jar to .zip.
- For each of the six .zip files, double-click the file to descend into the .zip and directory structure (Example that is demonstrated with one of the files).
- Drill down the directory structure to the following location:
...\dpaagent_moddatadomain_analysis.zip\org\apache\logging\log4j\core\lookup\
- Delete the JndiLookup.class file.
- Navigate back to the ...\agent\lib directory. Note: The file size has changed slightly.
- Rename the file extension from .zip to .jar.
- After this procedure is complete for all 6 .jar files, the workaround is complete.
- Start the DPA Agent service. Do this by using the Windows Services snap-in or from the command line using the Windows PowerShell.
From the Windows PowerShell window, if this is an Agent installation on the DPA Application or DPA Datastore, the command is:
dpa agent start
From the Windows PowerShell window, if this is a Standalone DPA Agent installation, the command is:
<dpa agent install path>\dpa start
Example:
C:\Program Files\EMC\DPA\agent\etc\dpa start
- If wanted, rerun a data collection Request to ensure it continues to work without issue. In the below example, we have verified with the Data Domain Analysis Request.
For questions or assistance with these instructions, contact Dell Technical Support.
문서 속성
문서 번호: 000194903
문서 유형: How To
마지막 수정 시간: 14 12월 2022
버전: 4
다른 Dell 사용자에게 질문에 대한 답변 찾기
지원 서비스
디바이스에 지원 서비스가 적용되는지 확인하십시오.