QID 376245

Date Published: 2022-01-18

QID 376245: VMware Tanzu GemFire Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028) (Log4Shell)

VMware GemFire is a distributed data management platform. Pivotal GemFire is designed for many diverse data management situations, but is especially useful for high-volume, latency-sensitive, mission-critical, transactional systems.

VMware GemFire when deployed without a SecurityManager, contain a JMX service available which contains an insecure default configuration.

Affected Versions
VMware GemFire versions prior to 9.10.13
VMware GemFire versions prior to 9.9.7

QID Detection Logic
This QID checks for the vulnerable version of VMware GemFire on system

A malicious actor with network access to an impacted VMware product may exploit this issue to gain full control of the target system.

  • CVSS V3 rated as Critical - 10 severity.
  • CVSS V2 rated as Critical - 9.3 severity.
  • Solution
    User are advised to upgrade to following versions v9.10.13, v9.9.7Workaround:

    Refer to Workaround instructions for GemFire for more information.

    CVEs related to QID 376245

    Software Advisories
    Advisory ID Software Component Link
    VMSA-2021-0028 URL Logo www.vmware.com/security/advisories/VMSA-2021-0028.html