Vulnerability Intelligence | VMware Publishes Products Affected by the Apache Log4j2 Remote Code Execution Vulnerability and Their Fixes

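Recently, details of a new remote code execution vulnerability in Apache Log4j were made public. An attacker can exploit it by sending a crafted malicious request, achieving arbitrary code execution on the target server. This can leave the server under the attacker's control, leading to page defacement, data theft, cryptomining, ransomware and similar activity.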

On December 10, VMware published a security advisory listing the affected VMware products.

VMware security advisory VMSA-2021-0028: https://www.vmware.com/security/advisories/VMSA-2021-0028.html

1. Affected products:

VMware Horizon
VMware vCenter Server
VMware HCX
VMware NSX-T Data Center
VMware Unified Access Gateway
VMware WorkspaceOne Access
VMware Identity Manager 
VMware vRealize Operations
VMware vRealize Operations Cloud Proxy
VMware vRealize Log Insight
VMware vRealize Automation
VMware vRealize Lifecycle Manager
VMware Telco Cloud Automation
VMware Site Recovery Manager
VMware Carbon Black Cloud Workload Appliance
VMware Carbon Black EDR Server
VMware Tanzu GemFire
VMware Tanzu Greenplum
VMware Tanzu Operations Manager
VMware Tanzu Application Service for VMs
VMware Tanzu Kubernetes Grid Integrated Edition
VMware Tanzu Observability by Wavefront Nozzle
Healthwatch for Tanzu Application Service
Spring Cloud Services for VMware Tanzu
Spring Cloud Gateway for VMware Tanzu
Spring Cloud Gateway for Kubernetes
API Portal for VMware Tanzu
Single Sign-On for VMware Tanzu Application Service
App Metrics
VMware vCenter Cloud Gateway
VMware Tanzu SQL with MySQL for VMs
vRealize Orchestrator
VMware Cloud Foundation
(Additional products will be added)

2. Solutions

VMware is releasing fixes progressively, and temporary workarounds have already been published for some products.

| Product | Version | CVE ID | Fixed version | Temporary mitigation |
|---|---|---|---|---|
| VMware Horizon | 8.x, 7.x | CVE-2021-44228, CVE-2021-45046 | 8.4.0, 7.13.1, 7.10.3 | KB87073 |
| VMware vCenter Server | 7.x, 6.x | CVE-2021-44228, CVE-2021-45046 | 7.0.3, 6.7U3q, 6.5U3s | KB87081 |
| VMware Unified Access Gateway | 21.x, 20.x, 3.x | CVE-2021-44228, CVE-2021-45046 | 2111.1 | KB87092 |
| VMware vRealize Operations | 8.x | CVE-2021-44228, CVE-2021-45046 | 8.6.2 | KB87076 |
| VMware vRealize Log Insight | 8.x | CVE-2021-44228, CVE-2021-45046 | 8.6.2 | KB87089 |

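3. Upgrade reference documents:

vCenter Server upgrade method: How to apply patches to vCenter (VCSA)?

vCenter 6.x temporary workaround: Temporary workaround for vCenter Server affected by the Apache Log4j2 vulnerability

Horizon update: VMware Horizon Connection Server upgrade steps

vRealize Operations update: Upgrading VMware vRealize Operations Manager with patches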
