Log4J exploit

SparkView

Red alert due to Log4J – all-clear for SparkView users.

The security community is urgently warning of a vulnerability affecting servers that use the Log4J framework. Attacks have been increasingly registered, and the danger of malware infiltration is classified as very threatening. SparkView users can rest assured that this Java component is not used in our software.

FileCloud

Log4j is used in Solr in a FileCloud environment. As per the assessment from our dev team, the impact is lower as long as Solr is on a private network and is not listening on an external IP address. As an immediate remedy, you can add the following directive to Solr's bootstrap script and then restart the Solr service.

Windows: (You need to do this only in your Solr/Cache Server)
File Path: C:\xampp\solr\bin\solr.in.cmd (Please make sure you have File Name extensions enabled in the folder view)
The line to be added:
set SOLR_OPTS=%SOLR_OPTS% -Dlog4j2.formatMsgNoLookups=true

Linux: (You need to do this only in your Solr/Cache Server)
File Path: /etc/default/solr.in.sh
The line to be added:
SOLR_OPTS="$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true"

Once this is done, restart the Content Search service from the FileCloud Control Panel on the Solr (Cache) Server; on Linux, run service solr restart.
As an additional note, Log4j is not used by the FileCloud server, web UI, FC docconverter, or Android mobile application, so there is no impact on those components.
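
The Linux step above can be applied and verified idempotently with a small script. This is an added example, not FileCloud's own tooling; the function names are hypothetical, and the file path and directive are the ones given on this page. It also refuses to touch a file that contains typographic quotes, which the shell does not treat as quoting and which break the SOLR_OPTS assignment when the line is pasted from a web page.

```shell
#!/bin/sh
# Added example (not FileCloud's own script): apply and verify the Solr directive.
FLAG='-Dlog4j2.formatMsgNoLookups=true'

# Succeeds if an active (non-comment) SOLR_OPTS line in the file carries the flag.
has_mitigation() {
    grep -v '^[[:space:]]*#' "$1" | grep 'SOLR_OPTS=' | grep -qF -e "$FLAG"
}

# Succeeds if the file contains typographic double quotes. The shell treats
# them as ordinary characters, so the pasted assignment does not take effect.
has_smart_quotes() {
    grep -qF -e '“' -e '”' "$1"
}

# Appends the directive unless it is already active, keeping a .bak copy.
# Prints "present" or "added"; returns non-zero with a message on error.
apply_mitigation() {
    file=$1
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    if has_smart_quotes "$file"; then
        echo "typographic quotes in $file; replace them with plain quotes" >&2
        return 3
    fi
    if has_mitigation "$file"; then
        echo present
        return 0
    fi
    cp -p "$file" "$file.bak" || return 4
    printf 'SOLR_OPTS="$SOLR_OPTS %s"\n' "$FLAG" >> "$file" || return 4
    echo added
}

# Usage on the Solr (Cache) server, followed by: service solr restart
#   sh this-script.sh /etc/default/solr.in.sh
if [ "$#" -gt 0 ]; then apply_mitigation "$1"; fi
```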