A recent vulnerability is detected in apache log4j jars. To resolve this we need to update the jars in ETL Validator. Please follow the below steps.

1. Navigate to the ETL Validator Server deployment directory:
    (ex: C:\app\Datagaps\ETLValidator\Server\apache-tomcat\webapps) If you are not using the default tomcat provided with ETL Validator then you need to navigate to the valid tomcat location where you deployed the wars. Also please delete the two wars and their extracted folders if exists (ETLValidatorExternalRest.war and ETLValidatorSecurity.war).

2. Download the new jars from the below link or if you have any private repository please download from there and paste them in the respective folders.
https://s3.amazonaws.com/DatagapsSingapore/log4j-jars.zip

3. Navigate to the "ETLValidatorService" library folder.
   (ex: C:\app\Datagaps\ETLValidator\Server\apache-tomcat\webapps\ETLValidatorService\WEB-INF\lib) Remove the below existing old jars. 

log4j-1.2.17.jar
log4j-api-2.*.0.jar 
log4j-core-2.*.0.jar
log4j-slf4j-impl-2.*.0.jar

After removing the above jar replace with below jars.
log4j-api-2.17.1.jar
log4j-core-2.17.1.jar
log4j-slf4j-impl-2.17.1.jar

4. Navigate to the "ETLValidatorServer" library folder.
   (ex: C:\app\Datagaps\ETLValidator\Server\apache-tomcat\webapps\ETLValidatorServer\WEB-INF\lib) Remove the below existing old jars. 

log4j-1.2.17.jar

logback-core-1.2.*.jar

After removing the above jar replace with below jars.

logback-core-1.2.10.jar

5. Restart the server.