Workaround instructions to address CVE-2021-44228 and CVE-2021-45046 in True Visibility Suite (TVS) Management Packs for vRealize Operations
search cancel

Workaround instructions to address CVE-2021-44228 and CVE-2021-45046 in True Visibility Suite (TVS) Management Packs for vRealize Operations

book

Article ID: 324381

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

CVE-2021-44228 and CVE-2021-45046 have been determined to impact vRealize Operations Cloud via the Apache Log4j open source component it ships.  This vulnerability and its impact on VMware products are documented in the following VMware Security Advisory (VMSA), please review this document before continuing: TVS Management Packs Affected:
  • TVS MP for Apache Tomcat
  • TVS MP for Citrix ADC
  • vROps MP for Dell EMC Isilon (formerly TVS MP for Dell EMC Isilon)
  • vROps MP for Dell EMC Powermax-VMax (formerly TVS MP for Dell EMC Powermax-VMax)
  • vROps MP for Dell EMC Xtremio (formerly TVS MP for Dell EMC Xtremio)
  • TVS MP for F5 Big-IP
  • vROps MP for HPE 3Par StoreServ (formerly TVS MP for HPE 3Par StoreServ)
  • vROps MP for HPE Nimble, formerly TVS MP for HPE Nimble
  • vROps MP for HPE Proliant (formerly TVS MP for HPE Proliant)
  • vROps MP for Netapp E-Series (formerly TVS MP for Netapp E-Series)
  • TVS MP for Nutanix 
  • TVS MP for Redhat JBOSS EAP
  • TVS MP for SAP 
  • TVS MP for Meditech
Note: Both on-prem and cloud deployments are affected.

vRealize Operations Cloud Deployments:
We have taken the necessary actions to protect your environment from exploitation due to CVE-2021-44228. The vRealize Operations Cloud services have already been patched.  Any Cloud Proxy appliances deployed on your local site(s) must have the workaround implemented manually by following the steps in the article.


Environment

VMware Aria Management Pack for HPE 3PAR StoreServ
VMware Aria Management Pack for NetApp E-Series
VMware Aria True Visibility Suite 1.0
VMware Aria Management Pack for Dell EMC PowerMax & VMAX

Resolution


  1. Follow the resolution steps in KB 87076 for vRealize Operations

  2. This issue is resolved in the following releases:

  • vRealize Operations 8.1.1 Hot Fix 10
  • vRealize Operations 8.2 Hot Fix 10 
  • vRealize Operations 8.3 Hot Fix 9 
  • vRealize Operations 8.4 Hot Fix 6 
  • vRealize Operations 8.5 Hot Fix 5
  • vRealize Operations 8.6.2 


  The workarounds described in this document are meant to be a temporary solution only.

  Upgrades documented in VMSA-2021-0028 should be applied to remediate CVE-2021-44228 and CVE-2021-45046 when available.


  Workaround: 
 
  The workaround for CVE-2021-44228 and CVE-2021-45046 to vRealize Operations will mitigate the vulnerability to all affected TVS Managements Packs. That workaround for vRealize Operations can be found at the following links using the correct type of deployment (on-prem or cloud).

  Note: These workaround steps should be applied for any vRealize Operations deployment, regardless of which management packs are installed.

Additional Information

To revert the workaround for CVE-2021-44228 and CVE-2021-45046 to vRealize Operations perform the following steps:
vRealize Operations On-Prem Deployment
  • Revert to the snapshot taken of each node prior to implementing the workaround.
vRealize Operations Cloud Deployment 
  • Revert to the snapshot taken of each Cloud Proxy prior to implementing the workaround.
Change Log:
  • December 15th 2021 - 10:52 AM EST: Initial draft
  • December 17th 2021 - 2:45 PM EST: Added references to "CVE-2021-45046".
  • January 4th 2022 - 9:26 AM EST: Added resolution steps.


Impact/Risks:
It is highly recommended to take snapshots of the vRealize Operations Cloud Proxies following How to take a Snapshot of vRealize Operations.
Note: These snapshots are required if you should have to revert the workaround for any reason.

Powered by Wolken Software