The NetWitness 18.104.22.168 release notes provides information about the changes in NetWitness Platform 11.7.
For more information on Fixed Issues, see Fixed Issues.
The Log4j vulnerability recently discovered in the commonly used open source logging library has been addressed. This applies to CVE-2021-44228. For more information, see the Security Advisory for Log4j.
Note: This patch release of NetWitness addresses log4j vulnerabilities reported till date. The following CVEs were validated and found to be not exploitable.
NetWitness will continuously monitor this issue for new developments and provide periodic updates.
Note: If you have the Export Connector plugin in your deployment, you must do the following:
- If you have Logstash installed separately, not as part of the NetWitness installation, you must uninstall the Export Connector plugin and install the updated Export Connector plugin after 22.214.171.124 patch upgrade. In this case, the old Export Connector plugin files are not automatically removed after upgrade. You must remove the old plugin files, so the scans do not list them as vulnerabilities. For more information on how to remove the old plugin files and install the updated plugins, see Post-Upgrade Tasks.
- If you have Logstash installed as part of the NetWitness installation on the Log Collector service, the updated Export Connector plugin will be automatically installed during the 126.96.36.199 patch upgrade.
Note: The traces of the old .jar files with the vulnerable versions of log4j in /tmp/jetty folder are found while upgrading from 11.5.x.x and 11.6.x.x versions to 11.7.x.x version. As a result, the scans reported the presence of older versions of log4j vulnerability. This issue has been addressed and the /tmp/jetty folder is cleaned up to remove the older versions of log4j vulnerability.
For more information on the various vulnerabilities fixed in this patch release, see https://community.netwitness.com/t5/netwitness-platform-product/nw-2022-01-multiple-components-within-netwitness-platform/ta-p/684904.
The following upgrade paths are supported for NetWitness 188.8.131.52:
- NetWitness 184.108.40.206 to 220.127.116.11
- NetWitness 18.104.22.168 to 22.214.171.124
- NetWitness 126.96.36.199 to 188.8.131.52
- NetWitness 184.108.40.206 to 220.127.116.11
- NetWitness 18.104.22.168 to 22.214.171.124
- NetWitness 126.96.36.199 to 188.8.131.52
- NetWitness 184.108.40.206 to 220.127.116.11
- NetWitness 18.104.22.168 to 22.214.171.124
- NetWitness 126.96.36.199 to 188.8.131.52
- NetWitness 184.108.40.206 to 220.127.116.11
- NetWitness 18.104.22.168 to 22.214.171.124
- NetWitness 126.96.36.199 to 188.8.131.52
NetWitness 184.108.40.206 to 220.127.116.11
- NetWitness 18.104.22.168 to 22.214.171.124