Mitigating CVE-2021-44228 Log4j for your Sitecore SOLR installs

2021, Dec 13

UPDATE

Please also read my next blogpost on how to upgrade log4j in your local Solr instances for Sitecore. Please also read my other blogpost about CVE-2021-45105 and again, how to upgrade log4j in your local Solr instances for Sitecore.

Mitigating CVE-2021-44228 Log4j for your Sitecore SOLR installs

As described on 2021-12-10, Apache Solr affected by Apache Log4J CVE-2021-44228 I created a simple PowerShell script that you can run on your machine to make sure you have mitigated this vulnerability for your SOLR installation. You cannot simply upgrade to a newer version of SOLR because Sitecore does not support this

Executing this script

The script can be found on my GitHub.

Running this script will require Administrator privileges. If you execute this script it will ask you for the drive letter where the solr (root directory) is located. Some people tend to install SOLR on the C-drive and some others on the D-drive. The script will look for the solr.in.cmd files and checks if the suggested mitigation is already present. If not, the script will append the file and restarts the according SOLR Service for you.

Cheers!

Any suggestions or modifications are welcome in the form of a Pull Request.

Have a great day.