QID 376245

Date Published: 2022-01-18

QID 376245: VMware Tanzu GemFire Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028) (Log4Shell)

VMware GemFire is a distributed data management platform. Pivotal GemFire is designed for many diverse data management situations, but is especially useful for high-volume, latency-sensitive, mission-critical, transactional systems.

VMware GemFire when deployed without a SecurityManager, contain a JMX service available which contains an insecure default configuration.

Affected Versions
VMware GemFire versions prior to 9.10.13
VMware GemFire versions prior to 9.9.7

QID Detection Logic
This QID checks for the vulnerable version of VMware GemFire on system

A malicious actor with network access to an impacted VMware product may exploit this issue to gain full control of the target system.

CVSS V3 rated as Critical - 10 severity.

CVSS V2 rated as Critical - 9.3 severity.

Solution

User are advised to upgrade to following versions v9.10.13, v9.9.7Workaround:

Refer to Workaround instructions for GemFire for more information.

Vendor References

VMSA-2021-0028 - www.vmware.com/security/advisories/VMSA-2021-0028.html

CVEs related to QID 376245

CVE-2021-44228 | CVE-2021-45046 |

Software Advisories

Advisory ID	Software	Component	Link
VMSA-2021-0028			www.vmware.com/security/advisories/VMSA-2021-0028.html

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].