WebDocs Forms Management Mitigation Steps for CVE-2021-44228

The Webdocs Forms Management Development Team has issued a mitigation for CVE-2021-44228, which was published by NIST on December 10, 2021. The mitigation steps are below. Fortra highly recommends applying this mitigation.

Affected versions: Webdocs Forms Management 10.0.0.16

You can determine the version of Webdocs Forms Management by checking the version on the login page:

Mitigation Steps

How to mitigate the issue:

  1. Stop the Webdocs Forms Management service
  2. Stop the Webdocs Forms Management Solr Server service

  3. Navigate to: <WebdocsFormsManagementInstallDirectrory>\solr\bin

    by default (C:\Program Files\HelpSystems\Webdocs Forms Management\solr\bin)

  4. Edit the solr.in.cmd file:

    1. Under REM Set the thread stack size, add the property:

      set SOLR_OPTS=%SOLR_OPTS% -Dlog4j2.formatMsgNoLookups=true

  5. Start the Webdocs Forms Management Solr Server service

  6. Start the Webdocs Forms Management service

This vulnerability will be patched in the next release.

If you need more information regarding this vulnerability and our mitigation steps please contact us at support.docmgmt@fortra.com or 952-933-0609

Still have questions? We can help. Submit a case to technical support

Last Modified On:
You don't have the appropriate permissions.
No, open a new Support Case
+1 800-328-1000
info@fortra.com
Infrastructure Protection & Data Security
Managed Security Services
Automation
IBM i

Copyright © 2022 Fortra