Update on the recent Apache Log4j2 vulnerabilities - Impact on Zoho Analytics On Premise Deployments
Dear Users,
Three high severity vulnerabilities (CVE- 2021-44228, CVE-2021-45105 and CVE-2021-45046), impacting multiple versions of Apache Log4j utility, was disclosed publicly on December 9, 2021. We have found no evidence of any successful exploitation in Zoho Analytics On Premise software as of today. We are continuing to analyse the issue and will provide updates of any new findings.
However the affected log4j version is present within Zoho Analytics On Premise as a bundled dependency, hence we strongly recommend all our customers to follow the below steps as a precautionary measure:
Linux users:
- Open a terminal and navigate to "Analytics/lib/".
- Execute the command "zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class".
- Restart Zoho Analytics On Premise service.
Windows users:
- Download and install 7-Zip from the 7-Zip home page
- After installing 7-Zip, open a command prompt and navigate to the 7-Zip installation folder (ex: C:\Program Files\7-Zip\).
- Now execute the command: "7z d <Zoho_Analytics_installed_Location>\Analytics\lib\log4j-core-2.7.jar org\apache\logging\log4j\core\lookup\JndiLookup.class". This will look like "7z d C:\Zoho\Analytics\lib\log4j-core-2.7.jar org\apache\logging\log4j\core\lookup\JndiLookup.class"
- Restart Zoho Analytics On Premise service.
Note: These vulnerabilities will be fixed in Zoho Analytics On Premise from build 5070 (upcoming). The above steps are applicable only if your Zoho Analytics On Premise is on build 5000, 5010, 5020, 5030, 5050, and 5060. The rest of the Zoho Analytics On Premise builds are not affected.
Important Note: Zoho Analytics cloud service is also not affected by these vulnerabilities. Please refer to this link for more details on this.
For any additional details or assistance, please reach out to us at onprem-support@zohoanalytics.com
Last updated on : 22nd Dec 2021 09:15 GMT
Topic Participants
6_Titus Andrews
Sticky Posts
[Customer Talk] PREMO Group's Analyst Interview at Zoho Day 2022
Premo Group, a 50 year old Spanish Manufacturing Company, has been our long-standing customer with #ZohoAnalytics. They've been using our platform for their end-to-end, unified business analytics solution. Hear more from Claudio Cabeza, Director at PREMOAnnouncing Zoho Analytics 5.0 -- A Modern Self-service BI & Analytics Platform
We are extremely delighted to unveil Zoho Analytics 5.0 - A Modern Self-service BI and Analytics platform to the public. Experience analytics like never before with the following new capabilities and enhancements: Comprehensive AI-Powered Data PreparationZoho Analytics | Quarterly Newsletter | Q2 2022
Hello Everyone! I hope all of you are safe and well! Zoho Analytics - Q2 Quarterly Newsletter is out now! Check out the newsletter (attachment) to know all about our new features, recognitions, webinars, blogs, and many more exciting things. Do let usZoho Analytics: 2021 Look Back
As we start a new year in 2022, here's some of our top moments from 2021. Zoho Analytics in 2021Update on the recent Apache Log4j2 vulnerabilities - Impact on Zoho Analytics On Premise Deployments
Dear Users, Three high severity vulnerabilities (CVE- 2021-44228, CVE-2021-45105 and CVE-2021-45046), impacting multiple versions of Apache Log4j utility, was disclosed publicly on December 9, 2021. We have found no evidence of any successful exploitation
New to Zoho TeamInbox?
Zoho TeamInbox Resources
Zoho DataPrep Resources
Zoho CRM Plus Resources
Zoho Books Resources
Zoho Subscriptions Resources
Zoho Desk Resources
Zoho Projects Resources
Zoho Sprints Resources
Qntrl Resources
Zoho Creator Resources
Zoho WorkDrive Resources
Zoho Campaigns Resources
Zoho CRM Resources
Design. Discuss. Deliver.
Zoho Show Resources
Get Started. Write Away!
Writer is a powerful online word processor, designed for collaborative work.
Zoho CRM コンテンツ
-
オンラインヘルプ
-
Webセミナー
-
機能活用動画
-
よくある質問
-
Ebook
-
-
Zoho Campaigns
-
Zoho サービスのWebセミナー