Change Guardian Release Notes

January 2022

Change Guardian addresses the Log 4j vulnerability.

The documentation for this product is available on the Micro Focus website in HTML and PDF formats on a page that does not require you to log in. If you have suggestions for documentation improvements, click comment on this topic at the bottom of any page in the HTML version of the documentation posted at the Change Guardian Documentation page. To download this product and patches, see the Micro Focus Downloads website.

1.0 What is New?

The following issue has been resolved in this release:

1.1 Log4j Vulnerability Fix

The Log4j vulnerability allows malicious attackers to execute code remotely on any targeted system.

  • A series of high severity vulnerabilities (CVE-2021-44228), (CVE-2021-45105), (CVE-2021-45046), and (CVE-2021-44832) for new Apache Log4j 2 version 2.14.1 are disclosed publicly and this has been addressed in this release by upgrading log4j to latest version 2.17.1

  • A series of high severity vulnerabilities (CVE-2021-4104) and (CVE-2019-17571) for older Apache log4j version log4j-1.2.17.jar are disclosed publicly and it has been mitigated by removing vulnerable classes SocketServer.class and JMSAppender.class from log4j-1.2.17.jar as the next version is not available and bundled in Change Guardian.

  • The vulnerable class JndiLookup.class is removed from the Elasticsearch bundled log4j-core-2.11.1.jar used in Change Guardian.

2.0 System Requirements

For more information about hardware requirements, supported operating systems, and browsers, see the System Requirements for Change Guardian 6.2.

3.0 Installing Change Guardian

You can install Change Guardian on supported platforms. For more information about the installation procedure, see Change Guardian Installation and Administration Guide.

4.0 Upgrading to Change Guardian

You can upgrade to Change Guardian from Change Guardian 6.2. For information about the upgrade procedure, see Upgrading Change Guardian in the Change Guardian Installation and Administration Guide.

NOTE:Install/Upgrade to Change Guardian is only supported by Traditional Installer.

5.0 Known Issues

Micro Focus strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact Technical Support.

5.1 Common Appliance Framework Page Shows Error RemoteLookupFailureException

Issue: Upon launching, the CAF page fails to load and shows RemoteLookupFailureException error.(Defect 379090)

Workaround: Restart the datamodel service on the Change Guardian Appliance server with: rcvabase-datamodel restart. Ensure that it shows active (running) with: rcvabase-datamodel status and open the Change Guardian Appliance Management Console Page with: https://IPAddressOfServer:9443.

5.2 Events Do Not Show Command Line Details

Issue: If a process is terminated within a second of its creation, the Change Guardian Agent for Windows cannot collect the command line details such as Command Line, Command Line Length, Command Line Parameter, and Command Line Parameter Length. Events that are generated for these processes do not display the command line details.(Defect 292163)

Workaround: None.

5.3 FIPS Enabled Solaris Agent Shows Offline in Agent Health Tab

Issue: When you assign policies to Solaris UNIX Agent machine, the VigilEntAgent service may go down. (Defect 353077)

Workaround: When the server receives the next heartbeat, the Agent turns online and sends events normally.

5.4 Appliance Reports Errors During Boot

Issue: When the Change Guardian appliance boots after installation, the appliance reports that some services have failed to start: (Defect 174273)

Failed to start LSB: NetIQ LDAP Expander.
Failed to start LSB: Sentinel Server.

Workaround: The services start correctly. You can ignore such error messages.

5.5 Launching Alerts Dashboard Displays Conflict Error Message in FIPS Mode

Issue: After installing or upgrading Change Guardian in FIPS mode, when you launch Alerts Dashboard for the first time, a conflict error message is displayed. (Defect 302233)

Workaround: Refresh the page and ignore the conflict error message as there is no functionality impact.

5.6 Events Do Not Show the Windows Process Description

Issue: The assembly path for certain Windows processes is not available to the Change Guardian Agent for Windows, due to which the agent cannot collect the Windows process description. Events that are generated as a result of such processes do not display the process description.(Defect 290154)

Workaround: None.

5.7 Internet Explorer 11 Does Not Save Events Dashboard Customizations

Issue: If you use certain versions of Internet Explorer 11, such as versions 11.0.10240.16384 and 11.1098.17763.0, to view and modify Events Dashboard settings, Internet Explorer does not display the saved settings.(Defect 155003)

Workaround: Use a different web browser that is supported.

5.8 Events Dashboard Appears Blank

Issue: If you click DASHBOARDS > EVENTS, the Events Dashboard is displayed. If you click on DASHBOARDS again, the Event Dashboard appears blank.(Defect 189391)

Workaround: Refresh the page to view the Events Dashboard.

6.0 Legal Notice

For information about Micro Focus legal notices, see

Copyright © 2022 Micro Focus or one of its affiliates.