Date: 2017-07-12 OS: Windows Etrack Incidents: 3923919 Errors/Problems Fixed: 3923919 - (JIRA ID: CFT-431) CVE-2017-5638 vulnerability for Data Insight 5.2 Applies to: Data Insight Management Server node and Portal node. Install/Uninstall Instructions: Apply this hotfix to Data Insight Management Server node and Portal node only. This hotfix can be applied to Data Insight version 5.2 RP2 only. FILE AFFECTED BY THIS PATCH: Windows: INSTALL_ROOT\tomcat\webapps\symhelp\* INSTALL_ROOT\portal_tomcat\webapps\symhelp\* By default, value of INSTALL_ROOT on Windows is "C:\Program Files\DataInsight". Steps: Log into Data Insight Management Server node or Portal node and perform the following steps: 1. Stop Data Insight services: From the command prompt, issue the following commands: net stop DataInsightWatchdog net stop DataInsightWeb net stop DataInsightComm net stop DataInsightConfig 2. Unzip the patch files to a temporary folder. In this folder, locate the "patches" folder. This folder contains all files for help application. Example: If you unzip hotfix to C:\temp, it will create the following folder under C:\temp: C:\TEMP\ +---README +---patches +---symhelp 3. Delete affected files from Data Insight: Delete directories "INSTALL_ROOT\tomcat\webapps\symhelp" and "INSTALL_ROOT\portal_tomcat\webapps\symhelp". Example: if you are patching Management server installed at "C:\Program Files\DataInsight", delete direcories "C:\Program Files\DataInsight\tomcat\webapps\symhelp" and "C:\Program Files\DataInsight\portal_tomcat\webapps\symhelp". 4. Copy the patch files to the install directory. Example: if you are patching Management server installed at "C:\Program Files\DataInsight", copy "symhelp" folder under "C:\temp\patches" to "C:\Program Files\DataInsight\tomcat\webapps" and "C:\Program Files\DataInsight\portal_tomcat\webapps\". 5. Start Data Insight services: From the command prompt, issue the following commands: net start DataInsightConfig net start DataInsightComm net start DataInsightWeb net start DataInsightWatchdog Additional Notes: 1. Apply this hotfix to Data Insight 5.2 RP2 only.