Security Fixes

This patch release of NetWitness addresses the following vulnerabilities:

  • CVE-2022-21123

  • CVE-2022-21125

  • CVE-2022-21166

  • CVE-2022-31676

  • CVE-2022-29154

  • CVE-2022-2526

For more information on the various vulnerabilities fixed in this patch release, see https://community.netwitness.com/t5/rsa-netwitness-platform-staged/nw-2022-03-multiple-components-within-netwitness-platform/ta-p/689171.

Note: If you have the Export Connector plugin in your deployment, you must do the following:
- If you have Logstash installed separately, not as part of the NetWitness installation, you must uninstall the Export Connector plugin and install the updated Export Connector plugin after 12.1.0.1 patch upgrade. In this case, the old Export Connector plugin files are not automatically removed after upgrade. You must remove the old plugin files, so the scans do not list them as vulnerabilities. For more information on how to remove the old plugin files and install the updated plugins, see Post-Upgrade Tasks.
- If you have Logstash installed as part of the NetWitness installation on the Log Collector service, the updated Export Connector plugin will be automatically installed during the 12.1.0.1 patch upgrade.

Upgrade Paths

The following upgrade paths are supported for NetWitness 12.1.0.1:

  • NetWitness 11.6.0.0 to 12.1.0.1
  • NetWitness 11.6.0.1 to 12.1.0.1
  • NetWitness 11.6.1.0 to 12.1.0.1
  • NetWitness 11.6.1.1 to 12.1.0.1
  • NetWitness 11.6.1.2 to 12.1.0.1
  • NetWitness 11.6.1.3 to 12.1.0.1
  • NetWitness 11.6.1.4 to 12.1.0.1
  • NetWitness 11.7.0.0 to 12.1.0.1
  • NetWitness 11.7.0.1 to 12.1.0.1
  • NetWitness 11.7.0.2 to 12.1.0.1
  • NetWitness 11.7.1.0 to 12.1.0.1

  • NetWitness 11.7.1.1 to 12.1.0.1
  • NetWitness 11.7.1.2 to 12.1.0.1

  • NetWitness 12.0.0.0 to 12.1.0.1

  • NetWitness 12.1.0.0 to 12.1.0.1