Apache Log4j2 Remote Code Execution vulnerability CVE-2021-44228
VMware 产品几乎全部沦陷,详见安全公告。
仅有少量产品不受影响(详见 kb)。
响应矩阵
Updated On: 2022-02-14 所有产品修复完毕。
Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
---|---|---|---|---|---|---|---|---|
VMware Horizon | 8.x, 7.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | KB87073 | KB87073 | None |
VMware vCenter Server | 7.x | Virtual Appliance | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 7.0U3c | KB87081 | None |
VMware vCenter Server | 6.7.x | Virtual Appliance | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 6.7 U3q | KB87081 | None |
VMware vCenter Server | 6.7.x | Windows | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 6.7 U3q | KB87096 | None |
VMware vCenter Server | 6.5.x | Virtual Appliance | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 6.5 U3s | KB87081 | None |
VMware vCenter Server | 6.5.x | Windows | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 6.5 U3s | KB87096 | None |
VMware Cloud Foundation | 4.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 4.4 | KB87095 | None |
VMware Cloud Foundation | 3.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 3.11 | KB87095 | None |
VMware HCX | 4.3 | Any | CVE-2021-44228, CVE-2021-45046 | N/A | N/A | Not Affected | N/A | N/A |
VMware HCX | 4.2.x, 4.0.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 4.2.4 | KB87104 | None |
VMware HCX | 4.1.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 4.1.0.3 | KB87104 | None |
VMware NSX-T Data Center | 3.1.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 3.1.3.5 | KB87086 | None |
VMware NSX-T Data Center | 3.0.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 3.0.3.1 | KB87086 | None |
VMware NSX-T Data Center | 2.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2.5.3.4 | KB87086 | None |
VMware Unified Access Gateway | 21.x, 20.x, 3.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2111.1 | KB87092 | None |
VMware Workspace ONE Access | 21.x, 20.10.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | KB87183 | KB87090 | None |
VMware Identity Manager | 3.3.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 3.3.6 | KB87093 | None |
VMware Site Recovery Manager, vSphere Replication | 8.5.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 8.5.0.2 | KB87098 | None |
VMware Site Recovery Manager, vSphere Replication | 8.4.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 8.4.0.4 | KB87098 | None |
VMware Site Recovery Manager, vSphere Replication | 8.3.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 8.3.1.5 | KB87098 | None |
VMware vCenter Cloud Gateway | 1.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | KB87081 | KB87081 | None |
VMware Workspace ONE Access Connector (VMware Identity Manager Connector) | 21.08.0.1, 21.08, 20.10, 19.03.0.1 | Windows | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | KB87184 | KB87091 | None |
VMware Horizon DaaS | 9.1.x, 9.0.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | KB87101 | KB87101 | None |
VMware Horizon Cloud Connector | 1.x, 2.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2.1.2 | None | None |
VMware NSX Data Center for vSphere | 6.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 6.4.12 | KB87099 | None |
VMware AppDefense Appliance | 2.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | N/A | UeX 109180 | None |
VMware Cloud Director Object Storage Extension | 2.1.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2.1.0.1 | KB87102 | None |
VMware Cloud Director Object Storage Extension | 2.0.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2.0.0.3 | KB87102 | None |
VMware Telco Cloud Operations | 1.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.4.0.1 | KB87143 | None |
VMware Smart Assurance NCM | 10.1.6.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 10.1.6.1 | KB87113 | None |
VMware Smart Assurance SAM [Service Assurance Manager] | 10.1.5 | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 10.1.5.5 | KB87119 | None |
VMware Smart Assurance SAM [Service Assurance Manager] | 10.1.2.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 10.1.2.16 | KB87119 | None |
VMware Smart Assurance SAM [Service Assurance Manager] | 10.1.0.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 10.1.0.16 | KB87119 | None |
VMware Integrated OpenStack | 7.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 7.2 | KB87118 | None |
VMware Cloud Provider Lifecycle Manager | 1.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.2.0.1 | KB87142 | None |
VMware SD-WAN VCO | 4.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | KB87158 | KB87158 | None |
VMware NSX Intelligence | 1.2.x, 1.1.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.2.1.1 | KB87150 | None |
VMware Horizon Agents Installer | 21.x.x, 20.x.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | KB87157 | KB87157 | None |
VMware Smart Assurance M&R | 9.6-6.8u5, 10.1.2-7.0u8, 10.1.5-7.2 | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 10.1.7-7.3.0.5 | KB87161 | None |
Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
---|---|---|---|---|---|---|---|---|
VMware Carbon Black Cloud Workload Appliance | 1.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.1.2 | UeX 190167 | None |
VMware Carbon Black EDR Server | 7.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 7.6.1 | UeX 109183 | None |
Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
---|---|---|---|---|---|---|---|---|
VMware vRealize Automation | 8.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 8.6.2 | KB87120 | None |
VMware vRealize Automation | 7.6 | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | KB70911 | KB87121 | None |
VMware vRealize Business for Cloud | 7.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | KB87539 | KB87127 | None |
VMware vRealize Lifecycle Manager | 8.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 8.6.2 | KB87097 | None |
VMware vRealize Log Insight | 8.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | KB87519 | KB87089 | None |
VMware vRealize Network Insight | 6.x, 5.3 | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 6.5.1 | KB87135 | None |
VMware vRealize Operations | 8.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | KB87076 | KB87076 | None |
VMware vRealize Operations Cloud (Cloud Proxy) | Any | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | Q4FY22 Cloud Update | KB87080 | None |
VMware vRealize Operations Tenant App for VMware Cloud Director | 2.5 | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2.5.1 | KB87187 | None |
VMware vRealize Orchestrator | 8.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 8.6.2 | KB87120 | None |
VMware vRealize Orchestrator | 7.6 | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | KB70629 | KB87122 | None |
VMware vRealize True Visibility Suite | Any | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | KB87136 | KB87136 | None |
Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
---|---|---|---|---|---|---|---|---|
App Metrics | 2.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2.1.2 | None | None |
API Portal for VMware Tanzu | 1.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.0.8 | None | None |
Healthwatch for Tanzu Application Service | 2.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2.1.8 | None | None |
Healthwatch for Tanzu Application Service | 1.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.8.7 | None | None |
Single Sign-On for VMware Tanzu Application Service | 1.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.14.6 | None | None |
Spring Cloud Gateway for Kubernetes | 1.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.0.7 | None | None |
Spring Cloud Gateway for VMware Tanzu | 1.1.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.1.4 | None | None |
Spring Cloud Gateway for VMware Tanzu | 1.0.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.0.19 | None | None |
Spring Cloud Services for VMware Tanzu | 3.x | Any | CVE-2021-44228, CVE-2021-45046 | !0.0, 9.0 | critical | 3.1.27 | None | None |
Spring Cloud Services for VMware Tanzu | 2.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2.1.10 | None | None |
VMware Greenplum Text | 3.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 3.8.1 | Article Number 13256 | None |
VMware Harbor Container Registry for TKGI | 2.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2.4.1 | Article Number 13263 | None |
VMware Tanzu Application Service for VMs | 2.12.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2.12.5 | Article Number 13265 | None |
VMware Tanzu Application Service for VMs | 2.11.x | Any | CVE-2021-44228, CVE-45046 | 10.0, 9.0 | critical | 2.11.13 | Article Number 13265 | None |
VMware Tanzu Application Service for VMs | 2.10.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2.10.24 | Article Number 13265 | None |
VMware Tanzu Application Service for VMs | 2.9.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2.9.30 | Article Number 13265 | None |
VMware Tanzu Application Service for VMs | 2.8.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2.8.30 | Article Number 13265 | None |
VMware Tanzu Application Service for VMs | 2.7.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2.7.44 | Article Number 13265 | None |
VMware Tanzu GemFire | 9.10.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 9.10.13 | Article Number 13255 | None |
VMware Tanzu GemFire | 9.9.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 9.9.7 | Article Number 13255 | None |
VMware Tanzu GemFire for VMs | 1.14.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.14.2 | Article Number 13262 | None |
VMware Tanzu GemFire for VMs | 1.13.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.13.5 | Article Number 13262 | None |
VMware Tanzu GemFire for VMs | 1.12.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.12.4 | Article Number 13262 | None |
VMware Tanzu Greenplum Platform Extension Framework | 6.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 6.2.1 | Article Number 13256 | None |
VMware Tanzu Kubernetes Grid Integrated Edition | 1.13.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.13.1 | Article Number 13263 | None |
VMware Tanzu Kubernetes Grid Integrated Edition | 1.10.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.10.8 | Article Number 13263 | None |
VMware Tanzu Observability by Wavefront Nozzle | 3.x, 2.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 3.0.4 | None | None |
VMware Tanzu Observability Proxy | 10.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 10.12 | Article Number 13272 | None |
VMware Tanzu Operations Manager | 2.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 2.10.25 | Article Number 13264 | None |
VMware Tanzu Scheduler | 1.x | Any | CVE-2021-44228, CVE-2021-45046 | 10.0, 9.0 | critical | 1.6.1 | Article Number 13280 | None |
下载仅供下载体验和测试学习,不得商用和正当使用。
下载体验