Over the past few days a critical vulnerability has been identified in the Apache Log4j module and lots of applications over the world are affected by this.
The latest information regarding VMware Products which have been affected by this vulnerability can be found here:
For VMware Identity Manager (VIDM) 3.3.3 – 3.3.4 & 3.3.5 VMware provides a workaround currently. See the KB below:
VMware has updated this KB to include a log4j.sh script that applies the Workaround stated in the KB. Less manual steps are needed now.
Just scroll all the way down in the KB Article to the following section:
The log4j.sh script can be downloaded from the ‘Attachments‘ section on the right side of the KB page.