Cisco ISE | Log4J

This post provides a step-by-step procedure for installing the hot patch released by Cisco for ISE servers, in light of the recent Log4j vulnerability (Apache Log4j Java Logging Library).

More details:

Installation Steps.

#1) Copy the path files to FTP/SFTP Server into disk:/;

#2) Create local repository on ISE Server via CLI;

ise/admin# conf t
ise/admin# repository local
ise/admin# url disk:/

#3) Run the patch:

ise/admin# application install <file-name> local

#4) Verify:

ise/admin# show logging application hotpatch.log

Rollback Steps.

#1) Rollback the hot patch using below command:

ise/admin# application install <rollback-file-name> local

CLI Analysis.

#1) Check filesystems:

ise/admin# show disks

#2) Verify your backups:

ise/admin# show backup status
ise/admin# show backup history

#3) ISE process status:

ise/admin# show application status ise

#4) Start/Stop application:

ise/admin# application stop ise
ise/admin# application start ise


22 views0 comments

Recent Posts

See All

The Cisco Integrated Management Interface (CIMC) permits monitoring of the server inventory, health, and system event logs using the built-in Cisco Integrated Management Controller (CIMC) GUI or CLI i

Cisco ISE Upgrade Readiness Tool (URT) helps detect and fix any data upgrade issues before you start the upgrade process. Most of the upgrade failures occur because of data upgrade/corruption issues.

When you try to back up the ISE configuration, the backup process fails even though there is enough disk space available. Follow some steps to fix this issue: ise/admin# show backup status %% Configur