Download IBM Cognos Controller 10.4.2 IF16

Abstract

IBM Cognos Controller is affected by a security vulnerability. Apache Log4j is used by IBM Cognos Controller as part of its logging infrastructure. This bulletin addresses the exposure to the Apache Log4j (CVE-2021-45046) vulnerability. Please note that this update also addresses CVE-2021-44228.

Download Description

Apply the following interim fix to all IBM Cognos Controller 10.4.2 installations as soon as possible.

Prerequisites

IBM Cognos Controller 10.4.2 Interim Fix 16 requires that IBM Cognos Controller 10.4.2 is installed.

Our interim fixes are cumulative by design. Hence all interim fixes include all updates from earlier interim fixes.

Installation Instructions

Install an interim fix on Microsoft® Windows®

1. Change to the directory where you have downloaded the interim fix.
2. Decompress the .tar.gz file. If you are using WinZip®, select the option “use folder names”.
3. If you want to see the version of a component before you install it, unpack the tar file to disk, or read the table of contents of the tar file.
4. Stop Internet Information Services (IIS) Manager (the Default Web Site).
5. Shut down the IBM Cognos Controller Consolidation COM+ application through Component Services.
6. Stop the following services through the Services Manager. If you do not stop them before the installation, you are prompted during the installation:
   * IBM Cognos
   * IBM Cognos Controller Batch Service
   * IBM Cognos Controller Consolidation
   * IBM Cognos Controller Java Proxy
   * IBM Cognos Controller User Manager
   * IBM Cognos FAP Service
7. Back up the content store database.
8. If your IBM Cognos Controller environment is customized, back up the entire IBM Cognos Controller location.
9. Go to the location where you downloaded and extracted the files.
10. Go to the win64h directory and double-click the i_ssetup.exe_ file.
11. Follow the directions in the installation wizard, installing in the same location as your existing IBM Cognos Controller server components. The issetup program prompts you to allow the interim fix to create a backup copy in the installation folder before copying new files.
12. Open IBM Cognos Configuration, save the configuration, and then start the IBM Cognos service.
13. Start the following services:
    * IBM Cognos Controller Batch Service
    * IBM Cognos Controller Consolidation
    * IBM Cognos Controller Java Proxy
    * IBM Cognos Controller User Manager
    * IBM Cognos FAP Service
14. If you have a distributed environment, repeat these steps for all remaining IBM Cognos Controller servers.
15. Start the Internet Information Services (IIS) Manager (the Default Web Site).
16. Start the components Services IBM Cognos Controller Consolidation.

[{“INLabel”:“IBM Cognos Controller Installation Guide”,“INLang”:“English”,“INSize”:“1000000 B”,“INURL”:“https://www.ibm.com/docs/en/cognos-controller/10.4.2?topic=1042-introduction\n\n”}]

Download Package

Click the FC link in the**Use Fix Central **section below to start downloading your package.

Problems Solved

Remediated Security Vulnerabilities

On

[{“DNLabel”:“IBM Cognos Controller 10.4.2 Interim Fix 16”,“DNDate”:“21 Dec 2021”,“DNLang”:“English”,“DNSize”:“2.25 GB”,“DNPlat”:{“label”:“Windows”,“code”:“PF033”},“DNURL”:“https://www-945.ibm.com/support/fixcentral/swg/quickorder?parent=ibm~Information+Management&product=ibm/Information+Management/Cognos+8+Controller&release=All&platform=All&function=fixId&fixids=10.4.2.0-BA-CNTRL-Win64-IF016:0&includeSupersedes=0&source=fc&login=true",“DNURL_FTP”:“”,"DDURL”:null}]

[{“Type”:“MASTER”,“Line of Business”:{“code”:“LOB10”,“label”:“Data and AI”},“Business Unit”:{“code”:“BU059”,“label”:“IBM Software w/o TPS”},“Product”:{“code”:“SS9S6B”,“label”:“IBM Cognos Controller”},“ARM Category”:[{“code”:“a8m0z0000001ftoAAA”,“label”:“Other”}],“ARM Case Number”:“”,“Platform”:[{“code”:“PF033”,“label”:“Windows”}],“Version”:“10.4.2”}]