Quelle: [VMSA-2021-0028.10 (vmware.com)]()https://www.vmware.com/security/advisories/VMSA-2021-0028.html
Critical vulnerabilities in Apache Log4j identified by CVE-2021-44228 and CVE-2021-45046 have been publicly disclosed which impact VMware products.
Description
Multiple products impacted by remote code execution vulnerabilities via Apache Log4j (CVE-2021-44228, CVE-2021-45046).
Known Attack Vectors
A malicious actor with network access to an impacted VMware product may exploit these issues to gain full control of the target system.
Resolution
Fixes for CVE-2021-44228 and CVE-2021-45046 are documented in the ‚Fixed Version‘ column of the ‚Response Matrix‘ below.
Workarounds
Workarounds for CVE-2021-44228 and CVE-2021-45046 are documented in the ‚Workarounds‘ column of the ‚Response Matrix‘ below.
Additional Documentation
None.
Acknowledgements
None.