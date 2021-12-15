
CVE-2021-44228; KB 87099 - check gives strange result

By Steven1973
vmware.com
 3 days ago

I applied the workaround on two NSX-v managers (version 6.4.6.14819921). After the reboot on the first...

communities.vmware.com

paloaltonetworks.com

Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228)

On Dec. 9, 2021, a remote code execution (RCE) vulnerability in Apache log4j 2 was identified as being exploited in the wild. Public proof of concept (PoC) code was released and subsequent investigation revealed that exploitation was incredibly easy to perform. By submitting a specially crafted request to a vulnerable system, depending on how the system is configured, an attacker is able to instruct that system to download and subsequently execute a malicious payload. Due to the discovery of this exploit being so recent, there are still many servers, both on-premises and within cloud environments, that have yet to be patched. Like many high severity RCE exploits, thus far, massive scanning activity for CVE-2021-44228 has begun on the internet with the intent of seeking out and exploiting unpatched systems. We highly recommend that organizations upgrade to the latest version (2.15.0-rc2) of Apache log4j 2 for all systems.
vmware.com

Does Log4j vulnerability CVE-2021-44228 affect any Horizon components

Are any of the components included in any Horizon products vulnerable to CVE-2021-44228? Horizon comprises many Java programs, so are any of them using Log4j as their logging framework, and if so, are the used versions vulnerable to this CVE? Pretty sure that view horizon server...
securelist.com

CVE-2021-44228 vulnerability in Apache Log4j library

Last week information security media reported the discovery of the critical vulnerability CVE-2021-44228 in the Apache Log4j library (CVSS severity level 10 out of 10). The threat, also named Log4Shell or LogJam, is a Remote Code Execution (RCE) class vulnerability. If an attacker manages to exploit it on a vulnerable server, they gain the ability to execute arbitrary code and potentially take full control of the system. A publicly published Proof-of-Concept, as well as the vulnerability’s easy exploitability, make this situation particularly dangerous.
vmware.com

is vCenter 6.0 windows machine impacted by CVE-2021-44228?

I have an old vCenter environment running 6.0. As per the KB https://kb.vmware.com/s/article/87081 vCenter 6.5 and above is impacted. Workaround instructions to address CVE-2021-44228 in vCenter Server Windows (87096) (vmware.com) ..... vCenter Server 6.0 on Windows. vCenter Server 6.0 is no longer in general support but has also been identified...
securityboulevard.com

CVE-2021-44228 Log4Shell Detection

News is spreading fast about the recent CVE-2021-44228 Log4Shell vulnerability. SANS noted that the first exploit seen by Cloudflare was 4:36 GMT on December 1st. This was eight days prior to the Proof of Concept (PoC) exploit published on GitHub on December 9th. SANS saw first attempts at 12:32 PM on December 9th.
vmware.com

How can I test if the workaround for CVE-2021-44228 (Log4j) is applied in Horizon agent?

As the subject says, how can I verify if the workaround is applied correctly, after implementing the registry based fix for Log4j vulnerability to Horizon Agent on Windows? (Ref.: https://kb.vmware.com/s/article/87073) Hi Corpus_no, The Windows Horizon Agent 2006, 7.13.x, 7.10.x are vulnerable only if vRealize Operations for...
vmware.com

Advanced Setting failing to change value

I am trying to change the value of Security.PasswordHistory, but when I do, I get a general "Failed - A general system error occurred: Internal error" error message, which doesn't really help at all. I am hardening this system, and the STIG guidance says to change this value to 5. I have done this previously with multiple builds and never had an issue, I'm not sure what's going on. I can change every other advanced setting value except for this one.
vmware.com

VMs on TrueNAS Core samba share permission problems.

I recently updated (unfortunately) both VMware Workstation Pro and TrueNAS (freenas). After the update I ran into a problem: when I run a VM from a local computer and its VM files (.vmx .vmd etc) are located on an SMB share on my TrueNAS (the SMB share is mounted as a disk in Windows), VMware probably changes the permissions of the files (the .vmx file and some more), applying ACL permissions and removing everything else. This makes it impossible to access the VM after a restart of the local machine OR the VM itself. I have to go to the TrueNAS shell and manually do:
vmware.com

Re: CVE-2021-44228 Vmon log4J Issue

When I run "C:\Program Files\VMware\vCenter Server\python\python.exe" vMON.py I have an error message, could someone help?
c:\Utils>"C:\Program Files\VMware\vCenter Server\python\python.exe" vMON.py
Traceback (most recent call last):
  File "vMON.py", line 14, in <module>
    content = json.load(f)
  File "C:\Program Files\VMware\vCenter Server\python\lib\json\__init__.py", line 268, in load
    parse_constant=parse_constant, object_pairs_hook=object_pairs_hook, **kw)
  File "C:\Program Files\VMware\vCenter Server\python\lib\json\__init__.py",...
vmware.com

Log4j log insight usage in v4.7

I was looking to patch LogInsight following the article https://kb.vmware.com/s/article/87089 and noted it was only for v8.2-8.6. We are running a legacy version (v4.7) which we cannot immediately upgrade. Does anyone know if the log4j vulnerability is an issue for this older version of LI? Thanks in advance.
vmware.com

cve-2021-44228 workaround for vCenter Server Appliance 6.0 U3j

We have tried to follow KB87081 workaround on our VMware vCenter Server 6.0U3j (essentials) appliance but we cannot find the line 72 mentioned in the article. I need to know where to add the line if this article is applicable on essentials version? vCenter Server Appliance 6.0 U3j Workaround. vCenter...
vmware.com

Enabling Apple GPU just gives a black screen (Monterey 12.1 host, Monterey 12.1 guest)

After my old macOS VM kept failing to start and didn't work with Apple GPU either, I tried to create a new one, but it still doesn't seem to work with Apple GPU. There's no VMware or Apple logo when booting, and the screen doesn't resize to what I've set it to in the config file (1280x720). Why doesn't it work? I have used Anka before on this same Mac, where the Apple GPU support worked no problem.
vmware.com

[resolved] Can't connect to bridged VM running under Windows

When using bridged network, I can do whatever I wish from "internal" (VM) Windows system, but I can't connect to it - either from host OS, or from outside. Guest OS gets IP via DHCP, so bridging works at least one way (I need it to work both). Windows (aka...
zoom.us

Zoom Security Bulletin for CVE-2021-44228 and CVE-2021-45046

On December 9, 2021, a vulnerability identified as CVE-2021-44228 was disclosed in the Apache Log4j Java logging library affecting all Log4j versions prior to 2.15.0. Upon becoming aware of the initial vulnerability disclosure on December 9, Zoom’s Security Team immediately began investigating. We applied Apache’s recommended mitigations to Zoom systems identified at that time as running a vulnerable version of Log4j.
vmware.com

vCenter add domain account from SSH

I have a weird situation with one of my vCenter servers. Luckily I still have an SSH session open with root privileges. I have local root admin account but I forgot my password for administrator@vsphere.local. So the password for administrator vsphere domain account is used in other places and for...
vmware.com

Workstation 16.1.2 Pro, under Windows 11 host, Windows guest in VM crashes on startup

This Reddit post sums up this issue well: https://www.reddit.com/r/vmware/comments/ph590g/vm_does_not_start_on_workstation_1612_pro_windows/. Basically using Workstation Pro 16.1.2 on a Windows 11 host, if you create a Windows guest VM, and the host system has Hyper-V enabled in any form (in my case it's present because I have WSL2 enabled in the host), and if you have more than one processor and/or one core per processor selected for the guest, the Windows guest VM crashes at boot:
vmware.com

vROPs 8.4 Report that shows Sustained Maximums

I am looking for a way to generate a report that shows when VMs have reached their Maximums that we have set over a period of time. For instance, when a host boots up, this may cause resources to reach their max, but only a blip. I'm trying to see if I can figure out a report to show when a VM has reached their max of a certain resource, and has actually sustained that for let's say 10 minutes.
vmware.com

Error "Review reported message in PSOD screen to identify NMI error....."

An unread host kernel core dump has been found. Size of scratch partition 5fc3fe38-d73512c4-ea3f-000af7c9528b is too small. Recommended scratch partition size is 6032 MiB. VMTN has an area for ESXi, expect a moderator to move your thread to that area.
