VMSA-2021-0028.10
9.0-10.0
VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)
Apache Log4j’de CVE-2021-44228 ve CVE-2021-45046 tarafından tanımlanan kritik güvenlik açıkları, VMware ürünlerini etkileyen genel olarak açıklanmıştır.
Etkilenen Ürünler
- VMware Horizon
- VMware vCenter Server
- VMware HCX
- VMware NSX-T Data Center
- VMware Unified Access Gateway
- VMware WorkspaceOne Access
- VMware Identity Manager
- VMware vRealize Operations
- VMware vRealize Operations Cloud (Cloud Proxy)
- VMware vRealize Automation
- VMware vRealize Lifecycle Manager
- VMware Site Recovery Manager, vSphere Replication
- VMware Carbon Black Cloud Workload Appliance
- VMware Carbon Black EDR Server
- VMware Tanzu GemFire
- VMware Tanzu GemFire for VMs
- VMware Tanzu Greenplum Platform Extension Framework
- VMware Greenplum Text
- VMware Tanzu Operations Manager
- VMware Tanzu Application Service for VMs
- VMware Tanzu Kubernetes Grid Integrated Edition
- VMware Tanzu Observability by Wavefront Nozzle
- Healthwatch for Tanzu Application Service
- Spring Cloud Services for VMware Tanzu
- Spring Cloud Gateway for VMware Tanzu
- Spring Cloud Gateway for Kubernetes
- API Portal for VMware Tanzu
- Single Sign-On for VMware Tanzu Application Service
- App Metrics
- VMware vCenter Cloud Gateway
- VMware vRealize Orchestrator
- VMware Cloud Foundation
- VMware Workspace ONE Access Connector
- VMware Horizon DaaS
- VMware Horizon Cloud Connector
- VMware NSX Data Center for vSphere
- VMware AppDefense Appliance
- VMware Cloud Director Object Storage Extension
- VMware Telco Cloud Operations
- VMware vRealize Log Insight
- VMware Tanzu Scheduler
- VMware Smart Assurance NCM
- VMware Smart Assurance SAM [Service Assurance Manager]
- VMware Integrated OpenStack
- VMware vRealize Business for Cloud
- VMware vRealize Network Insight
- VMware Cloud Provider Lifecycle Manager
- VMware SD-WAN VCO
- VMware NSX Intelligence
- VMware Horizon Agents Installer
- VMware Tanzu Observability Proxy
- VMware Smart Assurance M&R
- VMware Harbor Container Registry for TKGI
- VMware vRealize Operations Tenant App for VMware Cloud Director
**************************************************************************************************************************************************************************************
VMSA-2022-0001.1
7.7
VMware Workstation, Fusion and ESXi updates address a heap-overflow vulnerability (CVE-2021-22045)
VMware Workstation, Fusion ve ESXi’deki güvenlik açığı VMware’e özel olarak bildirildi. Etkilenen VMware ürünlerinde bu güvenlik açığını gidermek için güncellemeler mevcuttur.
Etkilenen Ürünler
- VMware ESXi
- VMware Workstation Pro / Player (Workstation)
- VMware Fusion
- VMware Cloud Foundation