Last week, a vulnerability was found in Log4j, (Apache Log4J library), an open-source logging library commonly used by apps and services across the internet. If left unfixed, attackers can break into systems, steal passwords and logins, extract data, and infect networks with malicious software. This makes Log4shell potentially the most severe computer vulnerability in years.
If you have a dedicated or virtual server with cPanel installed and have enabled the Solr plugin for cPanel(cpanel-dovecot-solr) then your server maybe vulnerable.
If you do not have this installed (cpanel-dovecot-solr), then your server is secure. Any new installations of Dovecot_FTS will include the patched RPM by default. You can check if this RPM is installed with the following command.
Example if installed:
# rpm -q cpanel-dovecot-solr
cpanel-dovecot-solr-8.8.2-4.11.1.cpanel.noarch
We strongly advise all customers that have cPanel installed confirm they are running the latest version with patched or update :
To update your cPanel installation : log on to WHM and go to: Home > cPanel > Upgrade to Latest Version
cPanel published an update with the mitigation for CVE-2021-44228 to the cpanel-dovecot-solr RPM in version 8.8.2-4+. This patch will automatically be applied during the nightly updates if this package is installed. You can confirm if your server is patched by using:
Example output of patched RPM:
# rpm -qv --changelog cpanel-dovecot-solr | grep -B1 CPANEL-39455
* Fri Dec 10 2021 Tim Mullin <[email protected]> - 8.8.2-4.cp1180
- CPANEL-39455: Add mitigation for CVE-2021-44228
You can execute below command to install patch:
yum update cpanel-dovecot-solr
Your server would vulnerable if you are running other Java applications/ services (server side java). Please contact your software vendor for updates and patches.
