Skip to main content
Solved

LOG4J - APPS10 - log4j-core-2.8.2.jar

  • February 10, 2022
  • 2 replies
  • 248 views
J
Do Gooder
Forum|alt.badge.img+2

After implementing the “IFS Solution ID 298974” from

Impact of CVE-2021-44228 on IFS Products, Services | IFS Community 

the “Verification instructions” is:

Using a search engine like AgentRansack that can search within compressed files, scan the IFS-Home for instances of the JndiLookup.class (including instances within .jar, .ear and .war files)

 

But there are a number of “log4j-core-2.8.2.jar” (CVE-2021-44228) still being used in the application. By searching the associated handles in the resource manager, there is about 6 process running per environment. 

Is there any plan/recommendations of these files?

Best answer by Novishan Dissanayake

Hi @JamesM,

 

You can shutdown the servers and delete the relevant tmp folder in each server, then start them again. Since these are temp folders, we can safely ignore them.

 

Best Regards,

Novishan

View original
Did this topic help you find an answer to your question?
This topic has been closed for comments

2 replies

Novishan Dissanayake
Hero (Partner)
Forum|alt.badge.img+13

Hi @JamesM,

 

You can shutdown the servers and delete the relevant tmp folder in each server, then start them again. Since these are temp folders, we can safely ignore them.

 

Best Regards,

Novishan

Rusiru Dharmadasa
1 person likes this
  • Rusiru Dharmadasa
    Rusiru Dharmadasa
rayanhimal
Sidekick (Partner)
Forum|alt.badge.img+7
  • rayanhimal
  • Sidekick (Partner)
  • 26 replies
  • March 4, 2022
Novishan Dissanayake wrote:

Hi @JamesM,

 

You can shutdown the servers and delete the relevant tmp folder in each server, then start them again. Since these are temp folders, we can safely ignore them.

 

Best Regards,

Novishan

Hi @Novishan Dissanayake,
 

I had the same issue and I followed this step,

But once we delete the temp folder and start up the application, those log4j files being re-created.
Do we have any way to fully remove them? Isn’t this affecting?

Best Regards,
Rayan

Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings