VIDM 3.3.3-4-5 – Quick Tip – VMware released Script for CVE-2021-44228 (Apache Log4j Vulnerability)

Hi!

Over the past few days a critical vulnerability has been identified in the Apache Log4j module and lots of applications over the world are affected by this. 

The latest information regarding VMware Products which have been affected by this vulnerability can be found here:

For VMware vRealize Lifecycle Manager 8.x – Please check on our previous blog here.

For VMware vRealize Automation 8.x – Please check on our previous blog here

For VMware vRealize Automation 7.6 – Please check on our previous blog here.

For VMware Identity Manager (VIDM) 3.3.3 – 3.3.4 & 3.3.5 VMware provides a workaround currently. See the KB below:

VMware has updated this KB to include a log4j.sh script that applies the Workaround stated in the KB. Less manual steps are needed now.

Just scroll all the way down in the KB Article to the following section:

The log4j.sh script can be downloaded from the ‘Attachments‘ section on the right side of the KB page.

Good luck!

5 thoughts on “VIDM 3.3.3-4-5 – Quick Tip – VMware released Script for CVE-2021-44228 (Apache Log4j Vulnerability)

  1. Pingback: Log4j patch for vRealize Automation 8.x and vRealize Orchestrator 8.x (KB87120)
  2. Pingback: Log4j patch for vRealize Automation 7.6 and vRealize Orchestrator 7.6 (KB87121)
  3. Pingback: Log4j – How to patch VMware vRLSCM, vIDM, vRA 7.6-8.x (VMSA-2021-0028)
  4. Pingback: vRSLCM 8.x – Quick Tip – log4jfix.sh Fix Error: Binary Operator Expected – CVE-2021-44228
  5. Pingback: vRSLCM 8.x – Quick Tip – log4jfix.sh Fix Error: Binary Operator Expected – CVE-2021-44228

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s