Symptoms
A Log4j vulnerability was announced as CVE-2021-45046 and you want to make sure your server is patched as soon as a fix is published.
Description
This vulnerability affects the cpanel-dovecot-solr RPM that is provided by the install_dovecot_fts script. Because the cPanel Solr plugin only listens on the local host, the vulnerability can only be exploited by a user who already has access to the server; it is not reachable from the network.
No other cPanel-provided packages are affected by this vulnerability. If cpanel-dovecot-solr is not installed, no further steps are needed.
An internal case for our development team to investigate this further has been filed. For reference, the case number is CPANEL-39528. Follow this article to receive an email notification when a solution is published in the product.
Workaround
The only service in the cPanel software bundle that uses the Log4j logging library is cpanel-dovecot-solr. If it is not installed, this vulnerability does not affect your server. New installations of Dovecot_FTS will include the patched RPM by default once the new version is published. You can check whether the RPM is installed with the following command.
Example output if the RPM is installed:
# rpm -q cpanel-dovecot-solr
cpanel-dovecot-solr-8.8.2-5.12.1.cpanel.noarch
We have published an update with the mitigation for CVE-2021-45046 to the cpanel-dovecot-solr RPM in version 8.8.2-5.12.1 and higher. If the package is installed, the patch is applied automatically during the nightly updates. You can confirm that your server is patched with the following command.
rpm -qv --changelog cpanel-dovecot-solr|grep "CVE-2021-45046"
Example output on a patched server:
# rpm -qv --changelog cpanel-dovecot-solr|grep "CVE-2021-45046"
- Remove JndiLookup.class from log4j to mitigate CVE-2021-45046
If the package is installed but the command above does not show the patch information, update it with the following command.
yum update cpanel-dovecot-solr
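The three steps above (check that the RPM is installed, check the changelog for the CVE, update if needed) can be scripted and extended with a check of the files on disk. The script below is an added example written for this article, not tooling shipped by cPanel. It parses the installed package string and compares it against the advised minimum 8.8.2-5.12.1 using a simplified version of rpm's version comparison, looks for the CVE in the changelog, and then lists the package's files and opens each log4j-core jar to confirm that JndiLookup.class (the class the changelog says was removed) is really absent. The jar-name pattern and the class path inside the jar are assumptions based on standard Log4j 2 packaging, not facts taken from the article; the sample package strings in the comments are constructed for illustration.

```python
#!/usr/bin/env python3
"""Audit a cPanel server for the CVE-2021-45046 mitigation in cpanel-dovecot-solr.

Added example, not cPanel's own tooling. The live checks shell out to `rpm`;
the helper functions are pure so they can be exercised offline.
"""
import os
import re
import shutil
import subprocess
import sys
import zipfile

PKG = "cpanel-dovecot-solr"
CVE = "CVE-2021-45046"
# From the advisory: the mitigation ships in 8.8.2-5.12.1 and higher.
FIXED_VERSION = "8.8.2"
FIXED_RELEASE = "5.12.1"
# Assumption (standard Log4j 2 layout): the class whose removal is the mitigation.
JNDI_ENTRY = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
# Assumption: log4j-core jars are named like log4j-core-<version>.jar.
LOG4J_CORE_RE = re.compile(r"log4j-core-.*\.jar$")

# e.g. "cpanel-dovecot-solr-8.8.2-5.12.1.cpanel.noarch" (constructed sample)
NEVRA_RE = re.compile(r"^(?P<name>.+)-(?P<ver>[^-]+)-(?P<rel>[^-]+)\.(?P<arch>[^.]+)$")


def _segments(s):
    """Split a version string into numeric and alphabetic runs (digits become ints)."""
    return [int(p) if p.isdigit() else p for p in re.findall(r"\d+|[A-Za-z]+", s)]


def vercmp(a, b):
    """Simplified rpmvercmp: return -1, 0 or 1 for a < b, a == b, a > b."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x == y:
            continue
        if isinstance(x, int) and isinstance(y, int):
            return -1 if x < y else 1
        if isinstance(x, int):      # rpm ranks a numeric segment above an alpha one
            return 1
        if isinstance(y, int):
            return -1
        return -1 if x < y else 1
    # All shared segments equal: the string with more segments is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def parse_nevra(nevra):
    """Return (version, release) from a `rpm -q` package string for PKG."""
    m = NEVRA_RE.match(nevra.strip())
    if not m or m.group("name") != PKG:
        raise ValueError(f"unexpected package string: {nevra!r}")
    return m.group("ver"), m.group("rel")


def is_fixed_nevra(nevra):
    """True when the installed version-release is at or above the advised minimum."""
    ver, rel = parse_nevra(nevra)
    c = vercmp(ver, FIXED_VERSION)
    if c != 0:
        return c > 0
    return vercmp(rel, FIXED_RELEASE) >= 0


def changelog_mentions_cve(changelog_text):
    """True when the RPM changelog (output of `rpm -q --changelog`) names the CVE."""
    return CVE in changelog_text


def jar_contains_jndilookup(jar_path):
    """True when the jar still ships JndiLookup.class, i.e. the mitigation is absent."""
    with zipfile.ZipFile(jar_path) as zf:
        return JNDI_ENTRY in zf.namelist()


def _rpm(*args):
    out = subprocess.run(["rpm", *args], capture_output=True, text=True)
    return out.returncode, out.stdout


def audit():
    """Run the live checks; returns a dict of findings (installed=None if rpm is missing)."""
    if shutil.which("rpm") is None:
        return {"installed": None}
    rc, out = _rpm("-q", PKG)
    if rc != 0:                      # "package ... is not installed": nothing to do
        return {"installed": False}
    nevra = out.strip().splitlines()[0]
    _, changelog = _rpm("-q", "--changelog", PKG)
    _, files = _rpm("-ql", PKG)
    jars = [f for f in files.splitlines() if LOG4J_CORE_RE.search(f) and os.path.isfile(f)]
    return {
        "installed": True,
        "nevra": nevra,
        "version_fixed": is_fixed_nevra(nevra),
        "changelog_fixed": changelog_mentions_cve(changelog),
        "jars_with_jndilookup": [j for j in jars if jar_contains_jndilookup(j)],
    }


if __name__ == "__main__":
    r = audit()
    if r["installed"] is None:
        sys.exit("rpm not found; this check is for RPM-based cPanel servers")
    if not r["installed"]:
        print(f"{PKG} is not installed; not affected by {CVE}")
        sys.exit(0)
    print(f"installed: {r['nevra']}")
    print(f"version >= {FIXED_VERSION}-{FIXED_RELEASE}: {r['version_fixed']}")
    print(f"changelog mentions {CVE}: {r['changelog_fixed']}")
    for j in r["jars_with_jndilookup"]:
        print(f"WARNING: {j} still contains {JNDI_ENTRY}")
    ok = r["version_fixed"] and r["changelog_fixed"] and not r["jars_with_jndilookup"]
    print("status: patched" if ok else f"status: NOT patched, run: yum update {PKG}")
    sys.exit(0 if ok else 1)
```

Run it as root on the server; it exits non-zero whenever something still needs attention. If the version and changelog checks pass but a jar is reported as still containing JndiLookup.class, the file on disk no longer matches what the RPM installed (for example a manually restored copy); `rpm -V cpanel-dovecot-solr` will show which files differ.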
For CVE-2021-44228, please see the following article.