UI issues in the Foglight Management Server after upgrading cartridges to the 5.9.7.23 or 5.9.7.24 version.
Corresponding Log4j 2.17.1 files are missing from the Foglight Management Server.
RESOLUTION 1 * Recommended *
Upgrade the Foglight Management Server, Foglight Agent Managers, and cartridges to the 6.1.0 or higher releases
RESOLUTION 2
Note: A previous version of this Knowledgebase article provided two Log4j files to be added to the FMS to resolved UI issues. These recommendation has been replaced with this new Global view cartridge.
To remove the previous log4j files referenced by this KB articleDoes this issue affect any other cartridge versions?
R&D has confirmed that the issues were specific to the 5.9.7.23 and 5.9.7.24 cartridges installed in any FMS version below 6.1.
What about the log4j.jar file already in the FMS lib folder?
R&D has confirmed that users should also leave the existing log4j.jar file on the FMS.
Is there an impact on the Log4j vulnerability issue identified earlier?
This should not have any impact on the Log4j vulnerability issue.
Did the upgrade to the 5.9.7.23 or 5.9.7.24 cartridges introduce a security violation?
No security violation introduced with the cartridge. These cartridges replaced the older log4j versions with log4j 2.17.1. However this newer Log4j 2.17.1 is the cartridges requires a matching Log4j 2.17.1 jar files to be included on the FMS server to work. What is suggested in Resolution 2 is to add the newer Log4j files with the older Log4j files already on the FMS. The FMS 5.9.8 (and 5.9.7, etc.) didn’t receive any Log4j update, these all continued to use the older Log4j files. Only the database cartridges were updated. Quest's primary recommendation is to upgrade all components to 6.1.0 and higher.
Do the 5.9.7.22 cartridges have a security violation?
The Log4j CVE described in Knowledgebase article 336091 should not apply to 5.9.7.22 (and lower) either because the cartridges do not use the Java SocketServer class. The primary concern was that the database cartridges simply had the Log4j files present within the database cartridges. This prompted requests to have the 5.9.7.23 cartridges be repacked with the newer Log4j because the version numbers in the older Log4j files were being flagged by filename scanning software application analyzing Foglight Agent Manager servers.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center