VMware Just Announced VMSA-2021-0028 with a CVSSv3 Score of 10

Early this morning 11th Dec 2021, SGT, VMware has release a security advisory announcement for VMSA-2021-0028 regarding a critical vulnerability in Apache Log4j identified by CVE-2021-44228 with a CVSSv3 full score rating of 10.

Immediately, VMware has worked on several of the affected products that are affected with workaround or patches. As this is a full score rating, we likely to see VMware update workaround at least and release patches in the next few days. Do check back the page to see more updates.

Do note that this is not a vulnerability specific to VMware. This is an Apache vulnerability. It is affecting all solutions that uses Apache. So do check out your environment and ensure all solutions used in your environment that do contain Apache Log4j is worked on.

A FAQ site is also release for those with questions regarding this.

If you are not aware do subscribe to VMware Security Advisory.

Comments

Popular posts from this blog

Why VMware or Why Not after Broadcom?

VMware Certifications Updates

VMware vExpert 2025 Applications Starts Now!