top of page

Cisco ISE | Log4J

This post provides a step-by-step procedure for installing the hot patch released by Cisco for ISE servers, in light of the recent Log4j vulnerability (Apache Log4j Java Logging Library).

More details: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa47133


Installation Steps.


#1) Copy the path files to FTP/SFTP Server into disk:/;


#2) Create local repository on ISE Server via CLI;

ise/admin# conf t
ise/admin# repository local
ise/admin# url disk:/

#3) Run the patch:

ise/admin# application install <file-name> local

#4) Verify:

ise/admin# show logging application hotpatch.log

Rollback Steps.


#1) Rollback the hot patch using below command:

ise/admin# application install <rollback-file-name> local

CLI Analysis.


#1) Check filesystems:

ise/admin# show disks

#2) Verify your backups:

ise/admin# show backup status
ise/admin# show backup history

#3) ISE process status:

ise/admin# show application status ise

#4) Start/Stop application:

ise/admin# application stop ise
ise/admin# application start ise

gif

22 views0 comments

Recent Posts

See All

Syslog is a protocol that computer systems use to send event data logs to a central location for storage. Logs can then be accessed by analysis and reporting software to perform audits, monitoring, tr

ISE Repositories can be configured from both the GUI and the CLI of the ISE and can be used for these purposes: ➛ Backup and Restore of ISE Configuration and Operational data; ➛ Upgrade of ISE nodes;

Secure Unlock Client mechanism provides root shell access on Cisco ISE Command Line Interface (CLI) for a certain period of time. As soon as the session is closed or exited, the root access is also re

bottom of page