This is a CRITICAL Advisory with the highest possible severity (CVSSv3 score of 10 out of 10) VMSA-2021-0028

VMware published security advisory, VMSA-2021-0028, which impacts many VMware products through a Remote Code Execution (RCE) vulnerability via Apache Log4j.  This is a CRITICAL Advisory with the highest possible severity (CVSSv3 score of 10 out of 10). 

The VMSA will be the source of truth for all developments around this issue: https://www.vmware.com/security/advisories/VMSA-2021-0028.html.  Evaluation is still underway, but a list of known affected products is included below.  As of this note, workarounds are available for Horizon Connection Server & Agent, vRealize Operations & Cloud Proxy, NSX-T Data Center, and HCX.  More updates to this advisory, including applicable workaround links, are expected throughout the weekend.

 Impacted Products (Under Evaluation):

  • VMware Horizon
  • VMware vCenter Server
  • VMware HCX
  • VMware NSX-T Data Center
  • VMware Unified Access Gateway
  • VMware WorkspaceOne Access
  • VMware Identity Manager 
  • VMware vRealize Operations
  • VMware vRealize Operations Cloud Proxy
  • VMware vRealize Log Insight
  • VMware vRealize Automation
  • VMware Telco Cloud Automation
  • VMware Site Recovery Manager
  • VMware Carbon Black Cloud Workload Appliance
  • VMware Tanzu GemFire
  • VMware Tanzu Greenplum
  • VMware Tanzu Operations Manager
  • VMware Tanzu Application Service for VMs
  • VMware Tanzu Kubernetes Grid Integrated Edition
  • VMware Tanzu Observability by Wavefront Nozzle
  • Healthwatch for Tanzu Application Service
  • Spring Cloud Services for VMware Tanzu
  • Spring Cloud Gateway for VMware Tanzu
  • Spring Cloud Gateway for Kubernetes
  • API Portal for VMware Tanzu
  • Single Sign-On for VMware Tanzu Application Service
  • App Metrics
  • VMware vCenter Cloud Gateway
  • VMware Tanzu SQL with MySQL for VMs
  • vRealize Orchestrator
  • (Additional products will be added)

Reference:

FIRST CVSSv3 Calculator:
CVE-2021-44228: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H (10.0)

Mitre CVE Dictionary Links:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228

Please like and share to spread the knowledge in the community.

If you want to chat with me please use Twitter: @AngrySysOps

Visit my FB page: https://www.facebook.com/AngrySysOps

Read my blog: https://angrysysops.com

Subscribe to my channel : https://www.youtube.com/channel/UCRTcKGl0neismSRpDMK_M4A

Please leave the comment