fbpx

Troubleshooting ApacheSolr vulnerability CVE-2021-44228 for Log4j

Share Article

Description

 

This vulnerability affects the cpanel-dovecot-solr RPM that is provided by The install_dovecot_fts Script.

 

No other cPanel-provided packages are affected by this vulnerability and if cpanel-dovecot-solr is not installed there are no further steps needed.

 

cPanels internal development team is to investigate this further.

Workaround

 

The only service provided by the cPanel software bundle that uses the logging utility Log4j is cpanel-dovecot-solr. If you do not have this installed, then your server is secure. Any new installations of Dovecot_FTS will include the patched RPM by default. You can check if this RPM is installed with the following command.

 

https://support.cpanel.net/hc/en-us/articles/4415775520919-ApacheSolr-vulnerability-CVE-2021-44228-for-Log4j

 

 


Share Article