Log4j CVE-2021-44228 Detection and Mitigation

We’ve made some big changes to the Community versions of the LogPresso Java-based Scan and Remediate Tasks, as well as adding a LogPresso-based “Remediation Rollback” task.

Updates are described in detail at Log4j CVE-2021-44228, CVE-2021-45046 Summary Page

The short version is:

  • Updated the Java versions of LogPresso scans to use scanner 2.7.1. (Only the Java versions, either with a temporary JRE download or system JRE, are updated; standalone binary scanner updates coming soon)
  • Added Undo-Remediation Task for LogPresso-based remediation (restores the original files where LogPresso removed JndiLookup.class)
  • Updated “With Temporary JRE” Scan, Remediation, and Undo-Remediation tasks to explicitly remove the temporary JRE, Logpresso, and Unzip downloads from the __BESData\sitename__Download folder
  • Added JSON report output to Java-based Scan/Remediation tasks (updated Analysis coming soon)
  • Java-based Remediation and Undo-Remediation Tasks no longer have a Default Action (must choose the Action explicitly)