[Security-announce] VMSA-2021-0028 Updates
VMware Security Announcements
security-announce at lists.vmware.com
Mon Dec 20 11:17:20 PST 2021
-----BEGIN PGP SIGNED MESSAGE-----
VMSA-2021-0028 - VMware Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)
Please see the updated advisory here: https://www.vmware.com/security/advisories/VMSA-2021-0028.html
Added a note on current CVE-2021-45105 investigations.
"A new vulnerability identified by CVE-2021-45105 has been disclosed by the Apache Software Foundation that impacts log4j releases prior to 2.17 in non-default configurations. Shortly after this announcement VMware began investigating the potential impact of this vulnerability. At the time of this update, we have not found a valid attack vector to exploit CVE-2021-45105 in any VMware products, but investigations will continue. VMware will update log4j to 2.17 in future releases of our products."
You are receiving this alert because you are subscribed to the VMware Security Announcements mailing list. To modify your subscription or unsubscribe please visit https://lists.vmware.com/mailman/listinfo/security-announce.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Security-announce