Has anyone heard of this CVE notification? If So how is it fixed?
What version of vSphere/vCenter are you running?
The ESX hypervisor is not affected by log4j since it is not used (https://kb.vmware.com/s/article/87068).
vCenter is affected though and the workarounds are mentioned here: https://kb.vmware.com/s/article/87068 . This article applies to 6.0, 6.5, 6.7 and 7.0
If you're looking for older versions, check the following community thread: https://communities.vmware.com/t5/VMware-vSphere-Discussions/Is-VSphere-5-5-0-also-impacted-Log4j/m-...
