DEV Community

Boga Sebastian Nicolae

[how to fix] Apache SOLR impacted by CVE-2021-4428 vulnerability

Apache SOLR is impacted by CVE-2021-4428
Now what?

UPDATE: Solr 8.11.1 is already available!

Here is how you can fix it:

STOP SOLR

[Windows] solr.cmd stop -p 8983
[Linux] service solr stop

Edit the startup script in the \bin directory: solr.cmd (for Windows) or solr (for Linux).

[Windows]

  • in the solr.cmd file, find this line:

set START_OPTS=-Duser.timezone=%SOLR_TIMEZONE%

  • right after this line, add this line:

set "START_OPTS=%START_OPTS% -Dlog4j2.formatMsgNoLookups=true"

[Linux]

  • in the solr file, find this line:

SOLR_START_OPTS=(

  • inside the parentheses ( ), anywhere you like, add this:

"-Dlog4j2.formatMsgNoLookups=true"

START SOLR


Let's TEST whether the changes took effect

  1. Open the SOLR UI
  2. In the Dashboard, check that you see -Dlog4j2.formatMsgNoLookups=true
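
The [Linux] edit above, scripted so it can be repeated safely on several hosts and checked afterwards. This is an added example, not part of the original post or of Solr itself: the function names and the sample file are constructed for illustration, and it assumes the array opens at the start of a line as SOLR_START_OPTS=( like the line quoted above.

```shell
#!/bin/sh
# Added example: apply the [Linux] edit to bin/solr idempotently, then verify it.
FLAG='-Dlog4j2.formatMsgNoLookups=true'

# Succeeds if the flag already appears on a non-comment line of the script.
script_has_flag() {
  grep -v '^[[:space:]]*#' "$1" | grep -qF -e "$FLAG"
}

# Adds the flag as the first element of the SOLR_START_OPTS=( ... ) array.
# Returns 0 on success or if already present, 2 if the array line is missing.
patch_solr_script() {
  if script_has_flag "$1"; then return 0; fi
  if ! grep -q '^[[:space:]]*SOLR_START_OPTS=(' "$1"; then
    echo "SOLR_START_OPTS=( not found in $1" >&2
    return 2
  fi
  cp -p "$1" "$1.bak" || return 1   # keep the original for rollback
  sed "s|^\([[:space:]]*SOLR_START_OPTS=(\)|\1\"$FLAG\" |" "$1.bak" > "$1"
}

# Writes a constructed stand-in for the relevant part of bin/solr (not the real file).
write_sample_script() {
  cat > "$1" <<'EOF'
#!/usr/bin/env bash
# constructed sample, shaped like the array the page tells you to edit
SOLR_START_OPTS=('-server' "-Djetty.port=$SOLR_PORT" \
  "-Duser.timezone=$SOLR_TIMEZONE")
EOF
}

# Demo on the constructed sample: patch it, confirm the flag, show the edited line.
sample="$(mktemp)"
write_sample_script "$sample"
patch_solr_script "$sample" && script_has_flag "$sample" && grep -F -e "$FLAG" "$sample"
```

To use it on a real installation, stop Solr first as described above, then call patch_solr_script with the path to the solr file in the bin directory; the untouched original is kept next to it with a .bak suffix.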
