Thanks Chandra for the details. We are removing the jar file from all Client/Agent hosts, but we need your suggestion on how to deal with the Event Server hosts where the services below are running.
Is there any specific process to deal with log4j on the master Autosys (event server) hosts, or is the only way to raise a case with CA support? Please suggest.
CA Services Status Report
Component Name                       Pid     Status
------------------------------------ ------- --------------
WAAE Application Server (EQA)        18328   running
WAAE Scheduler (EQA)                 18592   running
WAAE Agent (WA_AGENT)                17570   running
CA-wcc-services Server               6210    running
CA-diadna Server                     16092   running
CA-CCI Server                        16224   running
CA-CCI Remote Server                 16278   running
CA-CCI Clean Up                      16225   running
CA-CCI Legacy Proxy                  16226   running
CA-WV Status Server                  16962   running
CA-wcc-db Server                     7673    running
CA-wcc Server                        7713    running
Original Message:
Sent: Jun 03, 2022 03:34 AM
From: Chandrasekaran Venkataraman
Subject: log4j-1.2.16.jar vulnerability in Autosys
Okay to remove log4j-1.2.16.jar on Autosys Client/Agent hosts.
NOT okay to remove on hosts with Autosys Java SDK.
Not OK to remove on AE Web services.
Not OK to remove on WCC servers.
Not OK to remove on EEM servers, if you have any.
Original Message:
Sent: Jun 03, 2022 01:46 AM
From: Subrat Kumar Gochhait
Subject: log4j-1.2.16.jar vulnerability in Autosys
Thanks Chandra for the details shared.
Would you please let us know if we can delete the log4j jars manually in 11.3.6 SPx? If yes, which are the paths and files to change?
Thanks,
Subrat
Original Message:
Sent: Jun 02, 2022 02:56 PM
From: Chandrasekaran Venkataraman
Subject: log4j-1.2.16.jar vulnerability in Autosys
Log4j fix was made available for r12SP1
https://support.broadcom.com/web/ecx/solutiondetails?aparNo=99111357&os=MULTI-PLATFORM
As for 11.3.6 SPx, you'll need to remove the vulnerable classes in the log4j-1.2.16.jar file (and various other jar files under WCC, EEM, Agent, etc.) by hand. If you open a case with CA Support, they may provide you with a basic shell script that does the work. We have had to use a home-grown Python tool to do the same.
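Added example, not part of the original thread and not CA/Broadcom's script or the poster's tool: a minimal Python sketch of the class-stripping approach described in the reply above, writing a stripped copy of a jar so the original stays available for rollback. The class list in DENY and the names strip_jar and demo are assumptions made for illustration; the thread does not name the classes, so confirm the list with CA Support.

```python
import os
import tempfile
import zipfile

# Assumed deny-list of log4j 1.x classes to strip; the thread does not name
# them, so confirm the list with vendor support before using it.
DENY = (
    "org/apache/log4j/net/JMSAppender.class",
    "org/apache/log4j/net/JMSSink.class",
    "org/apache/log4j/net/SocketServer.class",
    "org/apache/log4j/jdbc/JDBCAppender.class",
    "org/apache/log4j/chainsaw/",  # whole package
)


def strip_jar(src, dst):
    """Copy src to dst without deny-listed entries; return the removed names."""
    removed = []
    with zipfile.ZipFile(src) as zin, zipfile.ZipFile(dst, "w") as zout:
        for info in zin.infolist():
            if info.filename.startswith(DENY):
                removed.append(info.filename)
            else:
                zout.writestr(info, zin.read(info))  # keeps name, date, compression
    return removed


def demo():
    """Run strip_jar on a constructed stand-in jar (placeholder bytes, not real classes)."""
    names = [
        "META-INF/MANIFEST.MF",
        "org/apache/log4j/Logger.class",
        "org/apache/log4j/net/JMSAppender.class",
        "org/apache/log4j/net/SocketServer.class",
        "org/apache/log4j/chainsaw/Main.class",
    ]
    with tempfile.TemporaryDirectory() as tmp:
        src = os.path.join(tmp, "log4j-1.2.16.jar")
        dst = os.path.join(tmp, "log4j-1.2.16.stripped.jar")
        with zipfile.ZipFile(src, "w") as z:
            for n in names:
                z.writestr(n, b"placeholder")
        removed = strip_jar(src, dst)
        with zipfile.ZipFile(dst) as z:
            return removed, z.namelist()


if __name__ == "__main__":
    print(demo())
```

Swap the stripped copy in only while the owning service is stopped, and list the new jar's entries to confirm the classes are gone before restarting.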
Original Message:
Sent: Jun 01, 2022 02:34 AM
From: Subrat Kumar Gochhait
Subject: log4j-1.2.16.jar vulnerability in Autosys
Hi,
We are using Workload Autosys AE version 11.3.6, and after checking the log4j library, we found the below path.
/opt/CA/WorkloadAutomationAE/autosys/lib/log4j-1.2.16.jar
So here, do we need to take any action for the log4j vulnerability?
Thanks,
Subrat