The NetWitness 22.214.171.124 release notes provides information about the changes in NetWitness Platform 11.7.
The Log4j vulnerability recently discovered in the commonly used open source logging library has been addressed. This applies to CVE-2021-44228. For more information, see the Security Advisory for Log4j.
Note: This patch release of NetWitness addresses log4j vulnerabilities reported till date. The following CVEs were validated and found to be not exploitable.
NetWitness will continuously monitor this issue for new developments and provide periodic updates.
Note: If you have the Export Connector plugin in your deployment, you must do the following:
- If you have Logstash installed separately, not as part of the NetWitness installation, you must uninstall the Export Connector plugin and install the updated Export Connector plugin after 126.96.36.199 patch upgrade. For more information to install the updated plugin, see Post-Upgrade Tasks.
- If you have Logstash installed as part of the NetWitness installation on the Log Collector service, the updated Export Connector plugin will be automatically installed during the 188.8.131.52 patch upgrade.
In both the above cases, the old Export Connector plugin files are not automatically removed after upgrade. You must remove the old plugin files, so the scans do not list them as vulnerabilities. For more information on how to remove the old plugin files, see Post-Upgrade Tasks.
The following upgrade paths are supported for NetWitness 184.108.40.206:
- NetWitness 220.127.116.11 to 18.104.22.168
- NetWitness 22.214.171.124 to 126.96.36.199
- NetWitness 188.8.131.52 to 184.108.40.206
- NetWitness 220.127.116.11 to 18.104.22.168
- NetWitness 22.214.171.124 to 126.96.36.199
- NetWitness 188.8.131.52 to 184.108.40.206
- NetWitness 220.127.116.11 to 18.104.22.168
- NetWitness 22.214.171.124 to 126.96.36.199
- NetWitness 188.8.131.52 to 184.108.40.206