Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

All Products: Where Can I find Information on CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44832?

All Products: Where Can I find Information on CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44832?

Environment

  • App Control Server: All Supported Versions
  • EDR Server: 7.3.0 to 7.6.0
  • Hosted EDR: 7.6.0
  • Carbon Black Cloud: All Supported Versions

Question

Where can I find information on CVE-2021-44228 (Log4Shell - Log4j Remote Code Execution) and subsequent CVE-2021-45046, CVE-2021-45105, CVE-2021-44832?

Answer


Additional Notes


Related Content

Vulnerability Information
CVE-2021-44228 (CVE) | CVE-2021-44228 (NVD)
CVE-2021-45046 (CVE) | CVE-2021-45046 (NVD)
CVE-2021-45105 (CVE) | CVE-2021-45105 (NVD)
CVE-2021-44832 (CVE) | CVE-2021-44832 (NVD)
https://logging.apache.org/log4j/2.x/security.html
VMware Blog & Discussions
Investigating CVE-2021-44228 Log4Shell Vulnerability - VMware Security Blog - VMware
VMSA-2021-0028 & Log4j: What You Need to Know (VMware Security Blog)
VMSA-2021-0028 & Log4j: What You Need to Know (VMware vSphere Blog)
Log in the Shell: An Analysis of Log4Shell Exploitation (VMware Security Blog)
VMSA-2021-0028: Questions & Answers about Log4j | VMware
New Security Advisory = VMSA-2021
How to Detect the Log4j Vulnerability on Linux Using VMware Carbon Black Cloud Vulnerability Assessm... (VMware Carbon Black Tech Zone)
External Articles
https://www.randori.com/blog/cve-2021-44228/ 
Digging deeper into Log4Shell - 0Day RCE exploit found in Log4j
Log4Shell: RCE 0-day exploit found in log4j 2, a popular Java logging package | LunaSec
CVE-2021-44228 - GitHub Advisory Database
Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability - Micr...
Log4Shell - Detecting Log4j 2 RCE Using Splunk 
Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228)
Product-specific Information
[VMware Carbon Black Hosted EDR] Declaring Emergency Maintenance to Address Critical Vulnerability i...
Log4Shell Mitigation Steps for VMware Carbon Black EDR
[VMware Carbon Black EDR] Log4Shell (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-44832)...
Deployment - VMware Enterprise EEDR & EDR Detections
[VMware Carbon Black Hosted EDR] Declaring Emergency Maintenance to Address CVE-2021-44228 and Addit...
Sample Log4Shell (CVE-2021-44228) Data Forwarder Filters & Splunk Queries
[VMware Carbon Black Hosted EDR] Declaring Emergency Maintenance on 12/23 @ 7:00 AM EST – Deployment...
[VMware Carbon Black EDR] Announcing General Availability of EDR Server 7.6.1
VMware Carbon Black EDR Server 7.6.1 Release Notes
TAU-TIN-Log4Shell Exploitation
Other KB Articles
App Control: Is Application Control affected by the LOG4J vulnerability?
EEDR and EDR: Are There Threat Intel Feeds for CVE-2021-44228 (Log4j)?
EDR: How to add the Log4j Mitigation
General
VMware Security Advisories
Threat Research Documents
Carbon Black Status

Was this article helpful? Yes No
100% helpful (2/2)
Article Information
Author:
Creation Date:
‎12-10-2021
Views:
4167