- To confirm mitigations are effective, run the following from the terminal:
- Command 1: An entry should be added to the /etc/cb/solr*/solr.in.sh file for the parameter: SOLR_OPTS="$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true"
grep /etc/cb/solr*/solr.in.sh -e 'formatMsgNoLookups'
- Command 2 (all affected EDR versions): Post implementation this command should not return a value for 'JndiLookup.class':
zip -sf /usr/share/cb/solr/server/lib/ext/log4j-core-2.13.3.jar | grep 'JndiLookup.class'