Michael, definitely a good immediate solution.
Though, I'm concerned about long term tracking on this. We'd have to modify our system scanners to routinely scan inside all the various log4j.lar files and see if the class file is present, and trigger an alert if it finds it. This is because of ongoing application maintenance, etc. Someone may forget to modify the file after installing or upgrading an application.
Hopefully Genesys will go around and upgrade all their impacted apps with fixed jar files and we don't have to worry.
Angus, Did you have to rename the 2.16 files to match the older filenames, or did it pull in the 2.16 version automatically?
Example: Did you have to save the 2.16 version using something like the following?
rename log4j-2.16.0.jar log4j-1.2.17.jar
rename log4j-2.16.0.jar log4j-core-2.14.0.jar
------------------------------
Tony Morrow
------------------------------
Original Message:
Sent: 12-17-2021 03:35
From: Angus Huckle
Subject: About CVE-2021-44228 | a zero-day in the Apache Log4j 2 Java library
Another option for DMS and UCS is to replace the log4j jar files with their 2.16 equivalents.
The initial proposed mitigation for these did not work.
------------------------------
Angus Huckle
Spark NZ Trading
Original Message:
Sent: 12-16-2021 08:56
From: Michael Sann
Subject: About CVE-2021-44228 | a zero-day in the Apache Log4j 2 Java library
Genesys has updated the advisory and recommends to remove the JNDI class.
------------------------------
Michael Sann
InfinIT.cx GmbH
Original Message:
Sent: 12-16-2021 00:31
From: Duong Phan
Subject: About CVE-2021-44228 | a zero-day in the Apache Log4j 2 Java library
Dears !
We got the advisory from Genesy. In article, we see that: " The immediate threat can be mitigated by adding the following setting to the java command line:
"-Dlog4j2.formatMsgNoLookups=true" for all Genesys Java based components."
Someone did it, please share the procedure.
Thank you in advance.
John
#Security
------------------------------
Duong Phan
CMC SAI GON TECHNOLOGY AND SOLUTION COMPANY LIMITED
------------------------------