top of page
Search
Writer's pictureDiniz Martins
Apr 25, 20221 min read

Cisco ISE | Log4J

This post provides a step-by-step procedure for installing the hot patch released by Cisco for ISE servers, in light of the recent Log4j vulnerability (Apache Log4j Java Logging Library).

More details: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47133


Installation Steps.


#1) Copy the path files to FTP/SFTP Server into disk:/;


#2) Create local repository on ISE Server via CLI;

ise/admin# conf t
ise/admin# repository local
ise/admin# url disk:/

#3) Run the patch:

ise/admin# application install <file-name> local

#4) Verify:

ise/admin# show logging application hotpatch.log

Rollback Steps.


#1) Rollback the hot patch using below command:

ise/admin# application install <rollback-file-name> local

CLI Analysis.


#1) Check filesystems:

ise/admin# show disks

#2) Verify your backups:

ise/admin# show backup status
ise/admin# show backup history

#3) ISE process status:

ise/admin# show application status ise

#4) Start/Stop application:

ise/admin# application stop ise
ise/admin# application start ise


34 views0 comments

Recent Posts

See All

Understanding CIMC for Cisco ISE

Cisco Integrated Management Controller (CIMC) is a crucial component for managing and monitoring Cisco UCS servers, including those used...

0 comments

Securing IOS-XE Routing Protocols

Securing the routing information prevents an attacker from introducing false routing information into the network, which could be used as...

0 comments

Cisco Duo Log Sync (DLS)

Duologsync (DLS) is a utility written by Duo Security that supports fetching logs from Duo endpoints and ingesting them to different...

0 comments

Comments

bottom of page