Data Protection Advisor: Manual remediation for Log4j vulnerabilities-Windows commands only (CVE-2021-44228 and CVE-2021-45046)
Samenvatting: This article provides instructions for manual remediation of a DPA Agent running on a Microsoft Windows node that is affected by the Apache Log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046). ...
Dit artikel is van toepassing op
Dit artikel is niet van toepassing op
Dit artikel is niet gebonden aan een specifiek product.
Niet alle productversies worden in dit artikel vermeld.
Instructies
These instructions require only Windows native commands, access to the server (for example, Remote Desktop), and Windows Explorer.
These instructions can be applied to any type of Windows DPA installation including the DPA Application, DPA Datastore, and Standalone DPA Agent (installed alone on a server or on another type of application server).
See the linked Dell Security Advisory for more information about the Apache Log4j vulnerabilities: For questions or assistance with these instructions, contact Dell Technical Support.
Steps for manual remediation:
Note:
For questions or assistance with these instructions, contact Dell Technical Support.
These instructions can be applied to any type of Windows DPA installation including the DPA Application, DPA Datastore, and Standalone DPA Agent (installed alone on a server or on another type of application server).
See the linked Dell Security Advisory for more information about the Apache Log4j vulnerabilities: For questions or assistance with these instructions, contact Dell Technical Support.
Steps for manual remediation:
Note:
- Windows Administrator privileges and access is required.
- No external utilities are required for these steps.
- Stop the DPA Agent service. Do this by using the Windows Services snap-in or from the command line using the Windows PowerShell.
From the Windows PowerShell window, if this is an Agent installation on the DPA Application or DPA Datastore, the command is:
dpa agent stop
From the Windows PowerShell window, if this is a Standalone DPA Agent installation the command is:
<dpa agent install path>\dpa stop
Example:
C:\Program Files\EMC\DPA\agent\etc\dpa stop
- Open a Windows Explorer window. Go to the <dpa_installation_path>\agent\lib directory.
- For each of the six .jar files below, make a backup copy of the .jar file. Copy and rename with _bak extension or something similar (Example is demonstrated with one of the files).
- Change the .jar file extension from .jar to .zip.
- For each of the six .zip files, double-click the file to descend into the .zip and directory structure (Example that is demonstrated with one of the files).
- Drill down the directory structure to the following location:
...\dpaagent_moddatadomain_analysis.zip\org\apache\logging\log4j\core\lookup\
- Delete the JndiLookup.class file.
- Navigate back to the ...\agent\lib directory. Note: The file size has changed slightly.
- Rename the file extension from .zip to .jar.
- After this procedure is complete for all 6 .jar files, the workaround is complete.
- Start the DPA Agent service. Do this by using the Windows Services snap-in or from the command line using the Windows PowerShell.
From the Windows PowerShell window, if this is an Agent installation on the DPA Application or DPA Datastore, the command is:
dpa agent start
From the Windows PowerShell window, if this is a Standalone DPA Agent installation, the command is:
<dpa agent install path>\dpa start
Example:
C:\Program Files\EMC\DPA\agent\etc\dpa start
- If wanted, rerun a data collection Request to ensure it continues to work without issue. In the below example, we have verified with the Data Domain Analysis Request.
For questions or assistance with these instructions, contact Dell Technical Support.
Artikeleigenschappen
Artikelnummer: 000194903
Artikeltype: How To
Laatst aangepast: 14 dec. 2022
Versie: 4
Vind antwoorden op uw vragen via andere Dell gebruikers
Support Services
Controleer of uw apparaat wordt gedekt door Support Services.