Troubleshooting ApacheSolr vulnerability CVE-2021-44228 for Log4j

Share Article



This vulnerability affects the cpanel-dovecot-solr RPM that is provided by The install_dovecot_fts Script.


No other cPanel-provided packages are affected by this vulnerability and if cpanel-dovecot-solr is not installed there are no further steps needed.


cPanels internal development team is to investigate this further.



The only service provided by the cPanel software bundle that uses the logging utility Log4j is cpanel-dovecot-solr. If you do not have this installed, then your server is secure. Any new installations of Dovecot_FTS will include the patched RPM by default. You can check if this RPM is installed with the following command.





Share Article