VMware 产品是 Apache Log4j2 远程执行代码漏洞 [CVE-2021-44228] 的重灾区

Posted by sysin on 2021-12-14
Estimated Reading Time 6 Minutes
Words 1k In Total
Viewed Times

点击访问腾讯云官方网站


请访问原文链接:VMware 产品是 Apache Log4j2 远程执行代码漏洞 [CVE-2021-44228] 的重灾区,查看最新版。原创作品,转载请保留出处。

作者:gc(at)sysin.org,主页:www.sysin.org

抄袭者 CSDN ID:qq_23930765 请远离本站!!!

Apache Log4j2 Remote Code Execution vulnerability CVE-2021-44228

VMware 产品几乎全部沦陷,详见安全公告

仅有少量产品不受影响(详见 kb)。

响应矩阵

Product Version Running On CVE Identifier CVSSv3 Severity Fixed Version Workarounds Additional Documentation
VMware Horizon 8.x, 7.x Any CVE-2021-44228 10.0 critical Patch Pending KB87073 None
VMware vCenter Server 7.x, 6.7.x, 6.5.x Virtual Appliance CVE-2021-44228 10.0 critical Patch Pending KB87081 None
VMware vCenter Server 6.7.x, 6.5.x Windows CVE-2021-44228 10.0 critical Patch Pending KB87096 None
VMware HCX 4.2.x, 4.0.x Any CVE-2021-44228 10.0 critical 4.2.3 Workaround Pending None
VMware HCX 4.1.x Any CVE-2021-44228 10.0 critical 4.1.0.2 Workaround Pending None
VMware NSX-T Data Center 3.x, 2.x Any CVE-2021-44228 10.0 critical Patch Pending KB87086 None
VMware Unified Access Gateway 21.x, 20.x, 3.x Any CVE-2021-44228 10.0 critical Patch Pending KB87092 None
VMware Workspace ONE Access 21.x, 20.10.x Any CVE-2021-44228 10.0 critical Patch Pending KB87090 None
VMware Identity Manager 3.3.x Any CVE-2021-44228 10.0 critical Patch Pending KB87093 None
VMware vRealize Operations 8.x Any CVE-2021-44228 10.0 critical Patch Pending KB87076 None
VMware vRealize Operations Cloud Proxy Any Any CVE-2021-44228 10.0 critical Patch Pending KB87080 None
VMware vRealize Automation 8.x Any CVE-2021-44228 10.0 critical Patch Pending KB87120 None
VMware vRealize Automation 7.6 Any CVE-2021-44228 10.0 critical Patch Pending KB87121 None
VMware vRealize Lifecycle Manager 8.x Any CVE-2021-44228 10.0 critical Patch Pending KB87097 None
VMware Carbon Black Cloud Workload Appliance 1.x Any CVE-2021-44228 10.0 critical Patch Pending UeX 109167 None
VMware Carbon Black EDR Server 7.x, 6.x Any CVE-2021-44228 10.0 critical 7.6.0 UeX 109168 None
VMware Site Recovery Manager, vSphere Replication 8.3, 8.4, 8.5 Any CVE-2021-44228 10.0 critical Patch Pending KB87098 None
VMware Tanzu GemFire 9.x, 8.x Any CVE-2021-44228 10.0 critical Patch Pending Article Number 13262 None
VMware Tanzu Greenplum 6.x Any CVE-2021-44228 10.0 critical Patch Pending Article Number 13256 None
VMware Tanzu Operations Manager 2.x Any CVE-2021-44228 10.0 critical 2.10.23 Article Number 13264 None
VMware Tanzu Application Service for VMs 2.x Any CVE-2021-44228 10.0 critical 2.7.42, 2.10.22, 2.11.10, 2.12.3 Article Number 13265 None
VMware Tanzu Kubernetes Grid Integrated Edition 1.x Any CVE-2021-44228 10.0 critical Patch Pending Article Number 13263 None
VMware Tanzu Observability by Wavefront Nozzle 3.x, 2.x Any CVE-2021-44228 10.0 critical 3.0.3 None None
Healthwatch for Tanzu Application Service 2.x Any CVE-2021-44228 10.0 critical 2.1.7 None None
Healthwatch for Tanzu Application Service 1.x Any CVE-2021-44228 10.0 critical 1.8.6 None None
Spring Cloud Services for VMware Tanzu 3.x Any CVE-2021-44228 10.0 critical 3.1.26 None None
Spring Cloud Gateway for VMware Tanzu 1.x Any CVE-2021-44228 10.0 critical 1.1.3 Workaround Pending None
Spring Cloud Gateway for Kubernetes 1.x Any CVE-2021-44228 10.0 critical Patch Pending Workaround Pending None
API Portal for VMware Tanzu 1.x Any CVE-2021-44228 10.0 critical 1.0.7 Workaround Pending None
Single Sign-On for VMware Tanzu Application Service 1.x Any CVE-2021-44228 10.0 critical 1.14.5 Workaround Pending None
App Metrics 2.x Any CVE-2021-44228 10.0 critical 2.1.1 None None
VMware vCenter Cloud Gateway 1.x Any CVE-2021-44228 10.0 critical Patch Pending KB87081 None
VMware vRealize Orchestrator 8.x Any CVE-2021-44228 10.0 critical Patch Pending KB87120 None
VMware vRealize Orchestrator 7.6 Any CVE-2021-44228 10.0 critical Patch Pending KB87122 None
VMware Cloud Foundation 4.x, 3.x Any CVE-2021-44228 10.0 critical Patch Pending KB87095 None
VMware Workspace ONE Access Connector (VMware Identity Manager Connector) 21.x, 20.10.x, 19.03.0.1 Any CVE-2021-44228 10.0 critical Patch Pending KB87091 None
VMware Horizon DaaS 9.1.x, 9.0.x Any CVE-2021-44228 10.0 critical Patch Pending KB87101 None
VMware Horizon Cloud Connector 1.x, 2.x Any CVE-2021-44228 10.0 critical 2.1.1 None None
VMware NSX Data Center for vSphere 6.x Any CVE-2021-44228 10.0 critical Patch Pending KB87099 None
VMware AppDefense Appliance 2.x Any CVE-2021-44228 10.0 critical Patch Pending UeX 109180 None
VMware Cloud Director Object Storage Extension 2.1.x Any CVE-2021-44228 10.0 critical 2.1.0.1 Workaround Pending None
VMware Cloud Director Object Storage Extension 2.0.x Any CVE-2021-44228 10.0 critical 2.0.0.3 Workaround Pending None
VMware Telco Cloud Operations 1.x Any CVE-2021-44228 10.0 critical Patch Pending Workaround Pending None
VMware vRealize Log Insight 8.2, 8.3, 8.4, 8.6 Any CVE-2021-44228 10.0 critical Patch Pending KB87089 None
VMware Tanzu Scheduler 1.x Any CVE-2021-44228 10.0 critical Patch Pending Article Number 13280 None

捐助本站 ❤️ Donate


如果文章中使用的内容或图片侵犯了您的版权,请联系作者删除。如果您喜欢这篇文章或者觉得它对您有所帮助,欢迎您发表评论,也欢迎您分享这个网站,或者赞赏一下作者,谢谢!


支付宝打赏 微信打赏

赞赏一下



1000000