Apache Log4j2 vulnerability CVE-2021-44228

Apache Log4j2 vulnerability CVE-2021-44228

Q: Does Apache Log4j2 vulnerability CVE-2021-44228 (https://nvd.nist.gov/vuln/detail/CVE-2021-44228) affect CPM?
A: No, this vulnerability is not relevant to any version of CPM
    • Related Articles

    • N2WS-24189 - OpenSSH vulnerability on CPM instance

      Issue: following reported vulnerability for OpenSSH: CVE-2024-6387 Solution: For versions 4.2.2/4.3.0, do the following steps: Take snapshot of the cpmdata volume Connect to N2WS server via SSH, user is cpmuser run following command: sudo apt update ...
    • Download logs fails with error 500 and apache does not start or Watchdog killed DR process

      Issue: Trying to download logs from the UI fails with error 500 or error Critical Error Watchdog Killed DR process after not responding for more than 1800 seconds And apache logs showing permission error in /var/log/apache2/error.log (you will need ...
    • Cleanup Log

      This feature was added to allow CPM users to better understand whether Cleanup process ran successfully. It can be found in the “General Settings” tab. The Cleanup Interval may be set to run every 1 to 24 hours. Last cleanup timestamp will show the ...
    • CPM instance hardening for vulnerability scans

      In order to perform the below operations, you need to connect to the instance with SSH (your assigned private key and username: "cpmuser"). 1) (Only in v2.3 and up) To enforce usage of TLS 1.2, please edit the file /etc/apache2/mods-enabled/ssl.conf. ...
    • N2WS-23161 - When server fails to terminate worker, it is failing to add log message

      Issue: When N2WS Server is failing to terminate a worker instance, there is an exception when adding the log Traceback (most recent call last): File "./cpmserver/cpm/backup_copy/proxy_operations.py", line 194, in terminate_proxy File ...