log4j Vulnerability - BA Client Fix and Workaround

The BA Client Webclient component is affected by the log4j issue.

Workaround

To deactivate the webclient function do the following:

Linux/UNIX:

  • change in dsm.sys the line "managedservices webclient schedule" to "managedservices schedule"

  • restart the dsmcad deamon

Windows:

  • stop the webclient service with "net stop 'TSM Client Remote Agent'" or select "stop" in services.msc for this service.

  • configure this service with start type "manual" to prevent automatic start after reboot.

Fix

IBM fixed the log4j vulnerability in Spectrum Protect BA Client on December 17th and published versions 8.1.13.1 and 7.1.8.13

Info about fixes:

https://www.ibm.com/support/pages/node/589103

https://www.ibm.com/support/pages/ibm-spectrum-protect-downloads-latest-fix-packs-and-interim-fixes

Download:

http://ftp.software.ibm.com/storage/tivoli-storage-management/patches/

PreviousBackup/Archive ClientNextStorage

Last updated