Description:

VMware has released security updates to address Apache Log4j vulnerability in the following products:

• VMware Horizon
• VMware vCenter Server
• VMware HCX
• VMware NSX-T Data Center
• VMware Unified Access Gateway
• VMware WorkspaceOne Access
• VMware Identity Manager
• VMware vRealize Operations
• VMware vRealize Operations Cloud Proxy
• VMware vRealize Log Insight
• VMware vRealize Automation
• VMware vRealize Lifecycle Manager
• VMware Telco Cloud Automation
• VMware Site Recovery Manager
• VMware Carbon Black Cloud Workload Appliance
• VMware Carbon Black EDR Server
• VMware Tanzu GemFire
• VMware Tanzu Greenplum
• VMware Tanzu Operations Manager
• VMware Tanzu Application Service for VMs
• VMware Tanzu Kubernetes Grid Integrated Edition
• VMware Tanzu Observability by Wavefront Nozzle
• Healthwatch for Tanzu Application Service
• Spring Cloud Services for VMware Tanzu
• Spring Cloud Gateway for VMware Tanzu
• Spring Cloud Gateway for Kubernetes
• API Portal for VMware Tanzu
• Single Sign-On for VMware Tanzu Application Service
• App Metrics
• VMware vCenter Cloud Gateway
• VMware Tanzu SQL with MySQL for VMs
• VMware vRealize Orchestrator
• VMware Cloud Foundation
• VMware Workspace ONE Access Connector

Threats:

Remote attacker could exploit this vulnerability by executing arbitrary code.

Best practice and Recommendations:

The CERT team encourages users to review VMware security advisory and apply the necessary updates:

• https://www.vmware.com/security/advisories/VMSA-2021-0028.html