![]() ![]() Tracked as CVE-2021–44228 and by the monikers Log4Shell or LogJam, the issue concerns a case of unauthenticated, remote code execution (RCE) on any application that uses the open-source utility and affects versions Log4j 2.0-beta9 up to 2.14.1. “However, given the severity of the vulnerability, we strongly recommend immediate action.The Apache Software Foundation has released fixes to contain an actively exploited zero-day vulnerability affecting the widely-used Apache Log4j Java-based logging library that could be weaponized to execute malicious code and allow a complete takeover of vulnerable systems. All environments are different, have different tolerance for risk, and have different security controls and defense-in-depth to mitigate risk, so customers must make their own decisions on how to proceed. ![]() Organizations that practice change management using the ITIL definitions of change types would consider this an “emergency change,” VMware added. “Workarounds, while convenient, do not remove the vulnerabilities, and may introduce additional complexities that patching would not.” The only way to remove the vulnerabilities from your environment is to apply the patches provided in VMware’s alert ( VMSA-2021-0011) on this bug, the company said. VMware has issued patches for Workspace ONE Access versions 21.08.x and 20.10.x, and for Identity Manager versions 3.3.x. VMware rated it in the Critical severity range with a score under the Common Vulnerability Scoring System (CVSSv3) of 9.8. VMware disclosed the vulnerability on April 6, along with bugs in other products.ĬVE-2022-22954 is a server-side template injection remote code execution vulnerability. Separately, active attacks are already being seen that successfully infect Workspace ONE Access and VMware Identity Manager servers with coin miners. That proof of concept could be used by threat actors as the basis for an attack. The Bleeping Computer news site quotes security researchers saying a proof-of-concept exploit has been released online for the VMware CVE-2022-22954 remote code execution vulnerability. Hackers are trying to take advantage of a recently discovered critical vulnerability in VMware Workspace ONE Access and VMware Identity Manager, adding to the pressure to install patches for this as soon as possible. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |