Log4Shell Log4J exploit in Cpanel?

Update: this only seems to affect those users whom have Solr installed via Cpanel.

Also, since it was patched by Apache last week and included in Cpanel updates, another vulnerability was detected and patched (as of yesterday: Tues 14th Dec).


Example output on a patched server:

# rpm -qv --changelog cpanel-dovecot-solr|grep "CVE-2021-45046"
- Remove JndiLookup.class from log4j to mitigate CVE-2021-45046
 
Top