CVE-2021-44228 has been determined to impact vRealize Operations 8.0.x - 8.6 via the Apache Log4j open source component it ships.  This vulnerability and its impact on VMware products are documented in the following VMware Security Advisory (VMSA), please review this document before continuing:

• CVE-2021-44228 - VMSA-2021-0028

Management Packs Affected:

• vRealize Operations Aggregator Management Pack 2.0
• vRealize Operations Management Pack for CloudHealth 1.2
• vRealize Operations Management Pack for Google Cloud Platform 1.2
• vRealize Operations Management Pack for Horizon 1.2.1
• vRealize Operations Management Pack for Kubernetes 1.5.2
• vRealize Operations Management Pack for Kubernetes 1.6
• vRealize Operations Management Pack for NSX on vSphere 3.7.1
• vRealize Operations Management Pack for SDDC 8.2
• vRealize Operations Management Pack for SDDC 8.4
• vRealize Operations Management Pack for SDDC 8.6
• vRealize Operations Management Pack for Skyline 2.0.
• vRealize Operations Management Pack for Skyline 2.1
• vRealize Operations Management Pack for SNMP 3.1
• vRealize Operations Management Pack for SNMP 3.2
• vRealize Operations Management Pack for vCloud Director 5.4
• vRealize Operations Management Pack for vCloud Director 5.5
• vRealize Operations Management Pack for vCloud Director 8.6
• vRealize Operations Management Pack for VMware Identity Manager 1.1.1
• vRealize Operations Management Pack for VMware Identity Manager 1.2
• vRealize Operations Management Pack for VMware Identity Manager 1.3
• vRealize Operations Management Pack for VMware Integrated OpenStack 6.1
• vRealize Operations Management Pack for VMware Integrated OpenStack 6.2
• vRealize Operations Management Pack for vRealize Orchestrator 3.2
• vRealize Operations Management Pack for Storage Devices 8.4
• vRealize Operations Tenant App for VMware Cloud 2.4
• vRealize Operations Tenant App for VMware Cloud 2.5
• vRealize Operations Tenant App for VMware Cloud 2.6.1
• vRealize Operations Tenant App for VMware Cloud Director 8.6

Note: Both on-prem and cloud deployments are affected.

vRealize Operations Cloud Deployments:
We have taken the necessary actions to protect your environment from exploitation due to CVE-2021-44228. The vRealize Operations Cloud services have already been patched.  Any Cloud Proxy appliances deployed on your local site(s) must have the workaround implemented manually by following the steps in the article.

1. Follow the resolution steps in KB 332378 for vRealize Operations.
2. Upgrade any installed affected management packs to a fixed version. See the list of fixed management pack versions below, with a link to download it from VMware Downloads.

• vRealize Operations Aggregator Management Pack 2.0.1
• vRealize Operations Management Pack for Google Cloud Platform 1.2.1
• vRealize Operations Management Pack for Horizon 1.2.2
• vRealize Operations Management Pack for Kubernetes 1.5.3
• vRealize Operations Management Pack for Kubernetes 1.6.1
• vRealize Operations Management Pack for NSX on vSphere 3.7.2
• vRealize Operations Management Pack for SDDC 8.2.1
• vRealize Operations Management Pack for SDDC 8.4.1
• vRealize Operations Management Pack for SDDC 8.6.1
• vRealize Operations Management Pack for SNMP 3.1.1
• vRealize Operations Management Pack for SNMP 3.2.1
• vRealize Operations Management Pack for vCloud Director 5.4.1
• vRealize Operations Management Pack for vCloud Director 5.5.1
• vRealize Operations Management Pack for vCloud Director 8.6.1
• vRealize Operations Management Pack for VMware Identity Manager 1.1.2
• vRealize Operations Management Pack for VMware Identity Manager 1.2.1
• vRealize Operations Management Pack for VMware Identity Manager 1.3.1
• vRealize Operations Management Pack for vRealize Orchestrator 3.2.1
• vRealize Operations Management Pack for Storage Devices 8.4.1
• vRealize Operations Tenant App for VMware Cloud Director 2.4.1
• vRealize Operations Tenant App for VMware Cloud Director 2.5.1
• vRealize Operations Tenant App for VMware Cloud Director 2.6.2
• vRealize Operations Tenant App for VMware Cloud Director 8.6.2

Please be aware that many above mentioned solutions have been deprecated, hence there isn't any download link listed.