Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
sahramazerii
New Contributor

Forticlient EMS detect " Security Vulnerability CVE-2018-1285 for log4net "

Hi All,

Forticlient EMS server detect Security Vulnerability CVE-2018-1285 for log4net on client's PC .

How can i mitigate and solve this issue .

 

Best regards

1 Solution
Anonymous
Not applicable

Hi, 

Thank you for using Fortinet Community.

For your information, FortiGuard services have added the CVE-2018-1285 vulnerability on the 28th July 2021. Hence, the vulnerability scan is now able to identify it.

As mentioned in the FortiGuard website,

"Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files".

You may need to manually upgrade the software (that causes this vulnerability) to version 2.0.10 or higher. 

 

The EMS GUI will show which software/application is using log4net, which you need to upgrade. If the software is not listed, you will need to look the Endpoint log and find the software associated with the log4net.

Please let me know if this helps :)


Best,
Irfan

View solution in original post

3 REPLIES 3
Anonymous
Not applicable

Hi, 

Thank you for using Fortinet Community.

For your information, FortiGuard services have added the CVE-2018-1285 vulnerability on the 28th July 2021. Hence, the vulnerability scan is now able to identify it.

As mentioned in the FortiGuard website,

"Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files".

You may need to manually upgrade the software (that causes this vulnerability) to version 2.0.10 or higher. 

 

The EMS GUI will show which software/application is using log4net, which you need to upgrade. If the software is not listed, you will need to look the Endpoint log and find the software associated with the log4net.

Please let me know if this helps :)


Best,
Irfan

sahramazerii

Hi
i think Endpoint log will hep me about software tha is associated with the log4net.

Thank you for your help

Best regards
Şahram Azeri

CiberConsulting

Hi, i have a problems with this vulnerability. Anyone will help me please. The EMS sometimes appear 10 pc with this problem. Other day the EMS appear only 2 pc with these problem.  I dont know how to resolve this problem log4net.

 

Please i need help. show me any website or video please.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors