Introduction
A critical vulnerability has been identified with the Apache Log4j logging component used by Java. This vulnerability allows an attacker to remotely execute unauthorized code.
Checks have been made with the appropriate development teams to determine which AMAG systems are affected by this vulnerability.
Systems Not Affected
Symmetry Access Control System, all versions.
Symmetry RDS/Citrix Web Access, all versions.
SymmetryWEB V3.x.
Symmetry Guest & Connect, Hosted.
Symmetry Incident Management System (IMS), all versions.
Symmetry CompleteView, all versions.
HISEC Thorguard Management System (TGMS), all versions.
Systems Affected
Symmetry Connect & Guest, On-Premise.
Symmetry Guest & Connect On-Premise
The on-prem version of Symmetry Guest & Connect uses Elastic Search which can call Log4j. It is possible to disable the use of Log4j without impacting system functionality. The start-up file needs to be edited on all Elastic servers as follows:
Edit the jvm.options file located in the following directory:
/etc/elasticsearch/node1/jvm.options
Add the following parameter and save the file:
-Dlog4j2.formatMsgNoLookups=true
Restart the Elastic server.
The link below provides more information about Elastic and the Log4J vulnerability:
The Development team are implementing a permanent fix by updating Elastic to the latest version. This will be available in due course.
Comments
0 comments
Please sign in to leave a comment.