logj4

log4j Vulnerability, How To Tell if You Have a Problem on your Netezza Host

Written by: | |

The Log4j flaw, disclosed by Apache last week, allows attackers to execute code remotely on a target computer, meaning that they can steal data, install malware or take control. How can you tell if you have a problem on your Netezza host?

According to IBM the only affected component is the map reduce INZA (IBM Netezza Analytics) cartridge, which has to be manually & deliberately installed on your system (as it is not included by default).

It is also possible some customers may have installed non-standard components themselves on the Netezza Host which could potentially introduce a log4j vulnerability.

One way of checking for presence of log4j components is by running the following commands on your Netezza Host:

yum list installed | grep -i log4
find / -name “log4j”

IBM has subsequently released more information in this post recommending you install the patch just released by Apache. All the information you need is in this bulletin. We'll update this blog with any further updates from IBM.

Hope this helps. Please let us know if you require any further assistance regarding this matter.

Author Bio