Apache Log4j Vulnurabilities
search cancel

Apache Log4j Vulnurabilities

book

Article ID: 281606

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM)

Issue/Introduction

After upgrade the UIM to 20.49, still exists  below vulnerabilities :-

  Path              : D:\Program Files (x86)\Nimsoft\probes\service\wasp\webapps\cabi.war
  Installed version : 1.2.17
  Fixed version     : 2.16.0

Path              : E:\Program Files (x86)\Nimsoft\probes\service\wasp\lib\services\log4j-1.2.17.jar
  Installed version : 1.2.17
  Fixed version     : 2.16.0

  Path              : E:\Program Files (x86)\Nimsoft\probes\service\wasp\webapps\samlsso.war
  Installed version : 1.2.16
  Fixed version     : 2.16.0

Path              : E:\Program Files (x86)\Nimsoft\probes\service\wasp\lib\services\log4j-1.2.17.jar
  Installed version : 1.2.17

 

Environment

UIM 20.49

Resolution

 Something didn't happen right when it was upgraded.  Old versions are left behind.

Follow the below step:-

== Deactivated the wasp

== Delete the E:\Program Files (x86)\Nimsoft\probes\service\wasp\lib\services\log4j-1.2.17.jar file as this is not being used with wasp 20.49

== Delete the  D:\Program Files (x86)\Nimsoft\probes\service\wasp\webapps\cabi.war

== Delet the E:\Program Files (x86)\Nimsoft\probes\service\wasp\webapps\samlsso.war

== Activate the wasp

Powered by Wolken Software