LAST UPDATE: 09/13/2023
Are any of the components of CAPM affected by the log4j vulnerability that was announced recently (CVE-2021-44228, CVE-2021-45046 and CVE-2021-44832)?
Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.
Recent update 09/13/23: It appears some recent scans have been triggering on the following files on the Data Repository:
All Supported Versions
This vulnerability affects all versions of log4j from 2.0-beta9 to 2.14.1
Only the following components are affected:
The NetOps Portal and Data Aggregator Proxy are not affected.
Versions Affected: Customers running 21.2.2-21.2.6 must run the following on the DA (both DAs in an FT environment) and all DCs. Version 21.2.7 ships with 2.17.1 for DA / DC karaf. No mitigation steps are needed for 21.2.7+.
Notes:
DA:
DC:
Versions Affected: All Data Repository Nodes running Vertica 9.1.1 and 10.1.1 (Performance Management 3.7.x - 21.2.x):
Notes:
Vertica/Kafka:
Notes:
Become the database administrator user (<dbadmin>) on any Vertica node:
$ su - dradmin
To uninstall the Kafka Vertica package, run:
/opt/vertica/bin/admintools -t uninstall_package -d <dbname> -p <dbpassword> -P kafka
Example:
$ /opt/vertica/bin/admintools -t uninstall_package -d drdata -p dbpass -P kafka
If you re-run the same syntax, you will get a message that the Kafka package is not currently installed:
Note that the kafka package is still displayed in the following syntax:
$ /opt/vertica/bin/admintools -t list_packages
Log into each Vertica node as root, and run this command:
rm -rf /opt/vertica/packages/kafka
After removing the kafka files, it is no longer displayed in the following syntax:
No need to restart Vertica.
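As an added example (not from this article and not part of the product), the following POSIX shell script applies the affected-version range stated above (2.0-beta9 through 2.14.1) to any log4j-core jars found under a directory, and, for the Kafka package step just described, checks that the packages/kafka directory is gone from the node after the rm -rf. The jar naming convention (log4j-core-<version>.jar) and the root-path arguments are assumptions; the classification is by filename only, so treat the output as a first-pass inventory for a node rather than a definitive verdict.

```shell
#!/bin/sh
# Added example (not from the article or the product): classify log4j-core jars
# by version and verify that the Vertica Kafka package directory is gone.
# Assumed: jars follow Maven naming, log4j-core-<version>.jar; the Vertica
# install root is passed in (the article's procedure uses /opt/vertica).

# Returns 0 (true) when <version> falls in the range the article gives for
# CVE-2021-44228: 2.0-beta9 through 2.14.1. Anything else returns 1.
log4j_core_affected() {
  ver="$1"
  case "$ver" in
    1.*)                   return 1 ;;   # log4j 1.x: outside the stated range
    2.0-beta[0-8])         return 1 ;;   # betas before 2.0-beta9
    2.0-beta9|2.0-rc*|2.0) return 0 ;;   # first releases in the range
  esac
  major=${ver%%.*}
  rest=${ver#*.}
  minor=${rest%%.*}
  minor=${minor%%-*}
  case "$minor" in ''|*[!0-9]*) return 1 ;; esac   # unparsable: not classified
  [ "$major" = 2 ] && [ "$minor" -le 14 ] && return 0
  return 1
}

# Walks <root> for log4j-core jars and prints one line per jar:
# STATUS<TAB>VERSION<TAB>PATH, where STATUS is AFFECTED or ok.
scan_log4j_jars() {
  root="$1"
  find "$root" -type f -name 'log4j-core-*.jar' 2>/dev/null | sort |
  while read -r jar; do
    base=$(basename "$jar" .jar)
    ver=${base#log4j-core-}
    if log4j_core_affected "$ver"; then status=AFFECTED; else status=ok; fi
    printf '%s\t%s\t%s\n' "$status" "$ver" "$jar"
  done
}

# Post-removal check for the Kafka package step: returns 0 when
# <vertica_root>/packages/kafka no longer exists on this node.
kafka_package_removed() {
  [ ! -e "$1/packages/kafka" ]
}

# Stand-alone usage: sh check.sh <vertica_root> [<scan_root>]
# e.g. sh check.sh /opt/vertica /opt   (scan root defaults to the Vertica root)
main() {
  vroot="${1:-/opt/vertica}"
  scan_root="${2:-$vroot}"
  scan_log4j_jars "$scan_root"
  if kafka_package_removed "$vroot"; then
    echo "kafka package directory absent under $vroot"
  else
    echo "kafka package directory still present: $vroot/packages/kafka"
  fi
}
if [ "$#" -gt 0 ]; then main "$@"; fi
```

Run it on each Vertica node after the uninstall_package and rm -rf steps; an AFFECTED line or a "still present" message means that node still needs attention.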
Notes: