log4j CVE-2021-44228 vulnerability and fix
Here we discussing a critical vulnerability in an Apache code library called Log4j. Indexed as CVE-2021-44228, the flaw is a remote code execution (RCE) vulnerability that allows an attacker to run code of their choice on an affected server. It is affected on majority of Cpanel servers. If you are using the cPanel Solr plugin then you need to uninstall it for the moment as it is potentially vulnerable.
->Login to server and from terminal run below command
rpm -q –changelog cpanel-dovecot-solr | grep -B1 CPANEL-39455
This will give result if it is present. Like below mentioned result will give if this issue have in the server.
1. We can update Cpanel using upcp to update it.
/scripts/upcp
2. Alternatively you could update just the cpanel-dovecot-solr RPM via YUM as the root user with the following command: