This KB will help to automate Workaround instructions for CVE-2021-44228 and CVE-2021-45046 in vCenter Server and vCenter Cloud Gateway.
Before proceeding, refer to the below links for more information:
IMPORTANT: The steps in this article are now obsolete due to the release of vc_log4j_mitigator.py. Use Workaround instructions for CVE-2021-44228 and CVE-2021-45046 in vCenter Server and vCenter Cloud Gateway to remediate the vCenter Server Appliance.
Please refer to the Resolution section in KB Workaround instructions to address CVE-2021-44228 in vCenter Server and vCenter Cloud Gateway.
IMPORTANT: After finishing the steps here, you MUST complete the remediation process by running the remove_log4j_class.py script in Workaround instructions for CVE-2021-44228 and CVE-2021-45046 in vCenter Server and vCenter Cloud Gateway.
Follow the below steps to automate the workaround steps mentioned in Workaround instructions for CVE-2021-44228 and CVE-2021-45046 in vCenter Server and vCenter Cloud Gateway:
How to execute the script on vCenter Server Appliance:
Sample Screenshot from VCSA 7.0:
Sample Screenshot from VCSA 6.7 U3o (6.7.0.50000 build 18485166) or older builds:
Sample Screenshot from VCSA 6.7 U3p (build 18831133) or higher builds:
Impact/Risks: