Change Guardian 188.8.131.52 addresses the Log 4j vulnerability.
The documentation for this product is available on the Micro Focus website in HTML and PDF formats on a page that does not require you to log in. If you have suggestions for documentation improvements, click Change Guardian Documentation page. To download this product and patches, see the Micro Focus Downloads website.at the bottom of any page in the HTML version of the documentation posted at the
The following issue has been resolved in this release:
Log4j Vulnerability Fix (Defect 465007)
The Log4j vulnerability allows malicious attackers to execute code remotely on any targeted system.
A series of high severity vulnerabilities (CVE-2021-44228), (CVE-2021-45105), (CVE-2021-45046), and (CVE-2021-44832) for new Apache Log4j 2 version 2.14.1 are disclosed publicly and this has been addressed in this release by upgrading log4j to latest version 2.17.1
A series of high severity vulnerabilities (CVE-2021-4104) and (CVE-2019-17571) for older Apache log4j version log4j-1.2.17.jar are disclosed publicly and it has been mitigated by removing vulnerable classes SocketServer.class and JMSAppender.class from log4j-1.2.17.jar as the next version is not available and bundled in Change Guardian.
The vulnerable class JndiLookup.class is removed from the Elasticsearch bundled log4j-core-2.11.1.jar used in Change Guardian.
For more information about hardware requirements, supported operating systems, and browsers, see the System Requirements for Change Guardian 6.2.
You can install Change Guardian 184.108.40.206 on supported platforms. For more information about the installation procedure, see Change Guardian Installation and Administration Guide.
You can upgrade to Change Guardian 220.127.116.11 from Change Guardian 6.2. For information about the upgrade procedure, see Change Guardian Installation and Administration Guide.
NOTE:Install/Upgrade to Change Guardian 18.104.22.168 is only supported by Traditional Installer.
Micro Focus strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact Technical Support.
Issue: Upon launching, the CAF page fails to load and shows RemoteLookupFailureException error.(Defect 379090)
Workaround: Restart the datamodel service on the Change Guardian Appliance server with: rcvabase-datamodel restart. Ensure that it shows active (running) with: rcvabase-datamodel status and open the Change Guardian Appliance Management Console Page with: https://IPAddressOfServer:9443.
Issue: If a process is terminated within a second of its creation, the Change Guardian Agent for Windows cannot collect the command line details such as Command Line, Command Line Length, Command Line Parameter, and Command Line Parameter Length. Events that are generated for these processes do not display the command line details.(Defect 292163)
Issue: When you assign policies to Solaris UNIX Agent machine, the VigilEntAgent service may go down. (Defect 353077)
Workaround: When the server receives the next heartbeat, the Agent turns online and sends events normally.
Issue: When the Change Guardian appliance boots after installation, the appliance reports that some services have failed to start: (Defect 174273)
Failed to start LSB: NetIQ LDAP Expander. Failed to start LSB: Sentinel Server.
Workaround: The services start correctly. You can ignore such error messages.
Issue: After installing or upgrading Change Guardian in FIPS mode, when you launch Alerts Dashboard for the first time, a conflict error message is displayed. (Defect 302233)
Workaround: Refresh the page and ignore the conflict error message as there is no functionality impact.
Issue: The assembly path for certain Windows processes is not available to the Change Guardian Agent for Windows, due to which the agent cannot collect the Windows process description. Events that are generated as a result of such processes do not display the process description.(Defect 290154)
Issue: If you use certain versions of Internet Explorer 11, such as versions 11.0.10240.16384 and 11.1098.17763.0, to view and modify Events Dashboard settings, Internet Explorer does not display the saved settings.(Defect 155003)
Workaround: Use a different web browser that is supported.
Issue: If you click > , the Events Dashboard is displayed. If you click on again, the Event Dashboard appears blank.(Defect 189391)
Workaround: Refresh the page to view the Events Dashboard.
For information about Micro Focus legal notices, see https://www.microfocus.com/about/legal/
Copyright © 2022 Micro Focus or one of its affiliates.