Apache Log4j2 vulnerability CVE-2021-44228

Apache Log4j2 vulnerability CVE-2021-44228

Q: Does Apache Log4j2 vulnerability CVE-2021-44228 (https://nvd.nist.gov/vuln/detail/CVE-2021-44228) affect CPM?
A: No, this vulnerability is not relevant to any version of CPM
    • Related Articles

    • Download logs fails with error 500 and apache does not start

      Issue: Trying to download logs from the UI fails with error 500 And apache logs showing permission error in /var/log/apache2/error.log (need to run sudo su command to access folder/file)[Sun Jan 08 06:25:58.075748 2023] [wsgi:error] [pid 27795:tid ...
    • CPM instance hardening for vulnerability scans

      In order to perform the below operations, you need to connect to the instance with SSH (your assigned private key and username: "cpmuser"). 1) (Only in v2.3 and up) To enforce usage of TLS 1.2, please edit the file /etc/apache2/mods-enabled/ssl.conf. ...
    • Cleanup Log

      This feature was added to allow CPM users to better understand whether Cleanup process ran successfully. It can be found in the “General Settings” tab. The Cleanup Interval may be set to run every 1 to 24 hours. Last cleanup timestamp will show the ...
    • CPM and "Dirty COW" Linux vulnerability

      In order to fix the "Dirty COW" vulnerability, please follow these instructions: https://support.n2ws.com/portal/kb/articles/how-to-update-the-ubuntu-distribution-on-the-cpm-instance
    • A clarification about the "debian-sys-maint" vulnerability reported by AWS Marketplace

      You may have received an email from the AWS Marketplace indicating a possible vulnerability in Cloud Protection Manager. The content of that email is included at the bottom of this article.   IMPORTANT: Your data was not breached and is not in any ...