IBM Support

IBM Data Studio 4.1.4: Log4j vulnerability (CVE-2021-4104)

Troubleshooting


Problem

Addressing the Log4j vulnerability in Data Studio 4.1.4

Resolving The Problem

You need to either install the latest APAR from the IBM Fix Central or APAR 1 on top of Data Studio 4.1.4 and refer to the IBM Data Studio APAR Installation.pdf that is included in the installer package.
Note that APAR releases are cumulative in nature so, the latest fix always has the previous fixes.
  1. Extract the DS414APAR1.zip file.
  2. Extract the ds_log4j_utility.zip file and copy it to your installation folder. For example, the default installation directories are:
    • Linux: /opt/IBM/DS4.1.4
    • Windows: C:\Program Files\IBM\DS4.1.4

      Screenshot 1
  3. If the installation directory is different than the default ones mentioned in Step 2, open the script file and update the following variable:
    • Linux:
      INSTALLATION_FOLDER="/opt/IBM/SDPShared/"
      DS414UTILITY="/opt/IBM/DS4.1.4/ds_log4j_utility/"
    • Windows:
      set INSTALLATION_FOLDER=C:\Program Files\IBM\SDPShared\
      set DS414UTILITY=C:\Program Files\IBM\DS4.1.4\ds_log4j_utility\
  4. Ensure that you add the installation folder correctly, referring to the existing values.
  5. Open the extracted ds_log4j_utility folder and run the following shell script or BAT file as per your environment:
    • Linux: linux_script.sh
    • Windows: windows_script.bat

      Screenshot 2
  6. The shell script or BAT file generates a file named ds_utility_logs.txt inside the ds_log4j_utility folder. Check if any errors are logged in the log file.
    1. If there are no errors, the Log4j related files are clean and you can now delete the ds_log4j_utility folder.

Document Location

Worldwide

[{"Type":"MASTER","Line of Business":{"code":"LOB10","label":"Data and AI"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS62YD","label":"IBM Data Studio"},"ARM Category":[{"code":"a8m3p000000h9fCAAQ","label":"DSM"}],"ARM Case Number":"","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"4.1.4"}]

Document Information

Modified date:
28 February 2022

UID

ibm16550446

Page Feedback