APAR status
Closed as program error.
Error description
[5/8/24 11:10:36:301 CDT] 00000079 CompoundClass > loadClass org.apache.logging.log4j.core.lookup.JndiLookup this=com.ibm.ws.classloader.CompoundClassLoader@5b025a23[PL][library:Iso_Lib]En
[5/8/24 11:10:36:301 CDT] 00000079 CompoundClass < loadClass org.apache.logging.log4j.core.lookup.JndiLookup forbidden Exit
Local fix
Problem summary
****************************************************************
* USERS AFFECTED: All users of IBM WebSphere Application       *
*                 Server                                       *
****************************************************************
* PROBLEM DESCRIPTION: Users who want to use the Log4j JNDI    *
*                      Lookup function are unable to do so     *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
As part of WAS' proactive response to the Log4Shell vulnerability, filtering was put in place to actively block the load of the Log4j JndiLookup class, which was the cause of that vulnerability. The new "forbidden classes" mechanism was, by design, not configurable. Since that time, the vulnerability in that class has been addressed, but applications are still prevented from using it.
Problem conclusion
The forbidden classes mechanism is now configurable. To allow previously-forbidden classes to be loaded, add the custom property "com.ibm.ws.classloader.nothing.forbidden" with value "true" to the server JVM configuration, or add "-Dcom.ibm.ws.classloader.nothing.forbidden=true" as a generic JVM argument on the application server process.

The fix for this APAR is targeted for inclusion in fix packs 8.5.5.27 and 9.0.5.21. For more information, see 'Recommended Updates for WebSphere Application Server': https://www.ibm.com/support/pages/node/715553
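An added example, not part of this APAR or of IBM's code: before switching the filter off, an administrator can count which class loaders actually hit the block in a class loader trace, and check whether a server's generic JVM arguments already carry the override. The trace layout is taken from the sample under "Error description"; the function names, the loader id and the library name in the sample are constructed for illustration.

```python
import re
from collections import Counter

# Layout follows the trace sample in "Error description":
# [timestamp] threadId component >|< loadClass <class> <details>
LINE = re.compile(r"\[[^\]]+\]\s+(?P<tid>[0-9a-fA-F]{8})\s+\S+\s+"
                  r"(?P<dir>[<>])\s+loadClass\s+(?P<cls>\S+)(?P<rest>.*)")
LOADER = re.compile(r"this=(\S+)")
OVERRIDE = re.compile(r"-Dcom\.ibm\.ws\.classloader\.nothing\.forbidden=(\S+)")

def forbidden_loads(lines):
    """Count blocked loads per (class, class loader that was asked)."""
    pending = {}          # (thread id, class) -> loader seen on the entry line
    hits = Counter()
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue
        key = (m["tid"], m["cls"])
        if m["dir"] == ">":                      # method entry
            found = LOADER.search(m["rest"])
            pending[key] = found.group(1) if found else "unknown"
        else:                                    # method exit
            loader = pending.pop(key, "unknown")
            if re.search(r"\bforbidden\b", m["rest"]):
                hits[(m["cls"], loader)] += 1
    return hits

def override_enabled(jvm_args):
    """True if the generic JVM arguments switch the filter off."""
    m = OVERRIDE.search(jvm_args)
    return bool(m) and m.group(1).lower() == "true"

# Constructed sample: loader id and library name are placeholders.
JNDI = "org.apache.logging.log4j.core.lookup.JndiLookup"
LDR = "com.ibm.ws.classloader.CompoundClassLoader@0000abcd[PL][library:Sample_Lib]"
SAMPLE = [
    f"[5/8/24 11:10:36:301 CDT] 00000079 CompoundClass > loadClass {JNDI} this={LDR}",
    f"[5/8/24 11:10:36:301 CDT] 00000079 CompoundClass < loadClass {JNDI} forbidden Exit",
    f"[5/8/24 11:10:37:002 CDT] 0000007a CompoundClass > loadClass {JNDI} this={LDR}",
    f"[5/8/24 11:10:37:002 CDT] 0000007a CompoundClass < loadClass {JNDI} forbidden Exit",
]

if __name__ == "__main__":
    for (cls, loader), n in forbidden_loads(SAMPLE).items():
        print(f"{n} blocked load(s) of {cls} via {loader}")
    print(override_enabled("-Xmx512m -Dcom.ibm.ws.classloader.nothing.forbidden=true"))
```

The check covers only the generic JVM argument form; a server that sets the value as a custom property has to be inspected in its JVM configuration instead.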
Temporary fix
Comments
APAR Information
APAR number
PH61335
Reported component name
WEBS APP SERV N
Reported component ID
5724H8800
Reported release
850
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2024-05-13
Closed date
2024-06-10
Last modified date
2024-06-10
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WEBS APP SERV N
Fixed component ID
5724H8800
Applicable component levels
Document Information
Modified date:
10 June 2024