Tag: vCenter

VMware Security Advisory

VMSA-2020-0023 – VMware ESXi, Workstation, Fusion and NSX-T Vulnerabilities

Constantin Ghioc Leave a comment

VMware has released a new security advisory VMSA-2020-0023: VMware ESXi, Workstation, Fusion, NSX-T, and vCenter Server Appliance updates address multiple security vulnerabilities. VMware Cloud Foundation is also an impacted product.

ESXi OpenSLP remote code execution vulnerability (CVE-2020-3992)

OpenSLP as used in ESXi has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution. If you can’t upgrade to the fixed version, as a workaround you can disable CIM server, documented in VMware KB 76372.

Affected products:

  • ESXi 7.0 – update to ESXi_7.0.1-0.0.16850804
  • ESXi 6.7 – update to ESXi670-202010401-SG
  • ESXi 6.5 – update to ESXi650-202010401-SG
  • VMware Cloud Foundation 4.x – update to 4.1
  • VMware Cloud Foundation 3.x – update to 3.10.1.1
Read More
vCenter Server 7.0.0b

VMware vCenter Server 7.0.0b

Constantin Ghioc Leave a comment

VMware released a new vCenter Server version: 7.0.0b, 7.0.0.10400, build 16386292. In this article I cover the resolved issues and I show how easy is to update from the previous version of vCenter Server 7.0.0 to the latest 7.0.0b.

In case you are looking for an upgrade demonstration from vCenter Server 6.7 to vCenter Server 7.0.0, you can check my other article: How to Upgrade vCenter Server Appliance from 6.7 to 7.0 – Stage 1.

If you want to install vCenter 7.0.0, please check How to Install VMware vSphere 7.0.

vCenter Server 7.0.0b – Resolved Issues

vCenter Server 7.0.0b introduces two new features:

  • It adds a Replication State Change alarm to the vCenter Server Appliance that displays when a replication state changes to READ_ONLY.
  • You can use the Show only rollup updates toggle button to filter and select patches that you want to include in a baseline when using the vSphere Lifecycle Manager.

This release of vCenter Server delivers the following patch:

  • VMware-vCenter-Server-Appliance-7.0.0.10400-16386292-patch-FP.iso
Read More
VMware vCenter Server 6.7 Update 3f

VMware vCenter Server 6.7 Update 3f

Constantin Ghioc Leave a comment

VMware released a new vCenter Server version: 6.7 Update 3f, 6.7.0.43000, build 15976714. In this article I will cover the resolved issues and I will show how easy is to update from a previous version of vCenter Server 6.7 to VMware vCenter Server 6.7 Update 3f.

In case you are looking for a plain installation of vCenter Server 6.7, you can check my other article: How to Install VCSA 6.7 (VMware vCenter Server Appliance).

Resolved Issues

This release of vCenter Server 6.7 Update 3f delivers the following patch:

  • Security Patch for VMware vCenter Server 6.7 Update 3f (VMware-vCenter-Server-Appliance-6.7.0.43000-15976714-patch-FP.iso)

VMware vCenter Server 6.7 Update 3f resolves a critical security issue documented in security advisory VMSA-2020-0006: vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), may not correctly implement access controls. A malicious actor with network access to an affected vmdir deployment may be able to extract highly sensitive information which could be used to compromise vCenter Server or other services which are dependent upon vmdir for authentication.

Read More

How to Upgrade vCenter Server Appliance from 6.7 to 7.0 – Stage 2

Constantin Ghioc Leave a comment

In a previous article (How to Upgrade vCenter Server Appliance from 6.7 to 7.0 – Stage 1) I walked through the first phase of the upgrade process for vCSA 7.0 – Deploy the OVA File of the new vCenter Server Appliance. In this article I will cover phase 2 of the vCenter upgrade – transfer the data and setup the newly deployed vCenter Server Appliance.

Upgrade vCenter Server Appliance from 6.7 to 7.0 – Stage 2

In the last step of the phase 1, I was presented with the following screen:

Upgrade-vCenter-Server-Appliance-from-6.7-to-7.0-Deploy-VCSA-Completed
Read More
Upgrade vCenter Server Appliance from 6.7 to 7.0 - Stage 1

How to Upgrade vCenter Server Appliance from 6.7 to 7.0 – Stage 1

Constantin Ghioc Leave a comment

In this article I will demonstrate how to upgrade vCenter Server Appliance running 6.7 to the target version of 7.0. I will upgrade an embedded deployment running in my home lab using the GUI method.

The upgrade procedure consists in two steps:

  1. Stage 1 – Deploy the OVA File of the new vCenter Server Appliance
  2. Stage 2 – transfer the data and setup the newly deployed vCenter Server Appliance

In this article I will cover Stage 1 (deployment of a new vCSA 7.0). In a later article I will cover Stage 2 (data migration from the old 6.7 vCSA to the new 7.0 vCSA).

Read More
VMware vCenter Server 6.7 Update 3b

VMware vCenter Server 6.7 Update 3b

Constantin Ghioc Leave a comment

VMware released a new vCenter Server version: 6.7 Update 3b, 6.7.0.42000, build 15132721. In this article I will cover the resolved issues and I will show how easy is to update from a previous version of vCenter Server 6.7 to VMware vCenter Server 6.7 Update 3b.

In case you are looking for a plain installation of vCenter Server 6.7, you can check my other article: How to Install VCSA 6.7 (VMware vCenter Server Appliance).

Resolved Issues

This release of vCenter Server 6.7 Update 3b delivers the following patches:

  • Security Patch for VMware vCenter Server 6.7 Update 3b (applicable for vCenter Server for Windows, Platform Services Controller for Windows, and vSphere Update Manager.; updates JRE version to 1.8.0_221)
  • Full Patch for VMware vCenter Server Appliance 6.7 Update 3b (Product Patch for vCenter Server Appliance containing VMware software fixes, security fixes, and Third Party Product fixes)
Read More
Install VCSA 6.7

How to Install VCSA 6.7 (VMware vCenter Server Appliance)

Constantin Ghioc 1 Comment

In this article I will show you how to install VCSA 6.7 (VMware vCenter Server Appliance).

To start, you need an installation kit of vCenter Server Appliance 6.7. For this article, I will use the VCSA 6.7 Update 1 version – VMware-VCSA-all-6.7.0-10244745.iso (the latest available at the time I wrote this article).

Note: If you look for VCSA upgrade instructions, check this article: How to Upgrade vCenter Server Appliance from 6.5 to 6.7 – Stage 1.

Install VCSA 6.7 (VMware vCenter Server Appliance) – Stage 1

To launch the installer I will use a Windows virtual machine (alternatively you can use a Mac or a Linux system). Unzip the archive and navigate to VMware-VCSA-all-6.7.0-10244745\vcsa-ui-installer\win32 folder. Launch installer.exe and begin to install VCSA 6.7.

Install VCSA 6.7 - installer.exe

Read More

How to Upgrade vCenter Server Appliance from 6.5 to 6.7

How to Upgrade vCenter Server Appliance from 6.5 to 6.7 – Stage 2

Constantin Ghioc 3 Comments

In a previous article (How to Upgrade vCenter Server Appliance from 6.5 to 6.7 – Stage 1) I walked through the first phase of the upgrade process for vCSA 6.7 (embedded deployment) – Deploy the OVA File of the new vCenter Server Appliance with an embedded Platform Services Controller. In this article I will cover phase 2 of the vCenter upgrade – transfer the data and setup the newly deployed vCenter Server Appliance.

Upgrade vCenter Server Appliance from 6.5 to 6.7 – Stage 2

In the last step of the phase 1, I was presented with the following screen:

Upgrade vCenter Server Appliance from 6.5 to 6.7 - Deploy VCSA Completed

Read More

How to Upgrade vCenter Server Appliance from 6.5 to 6.7

How to Upgrade vCenter Server Appliance from 6.5 to 6.7 – Stage 1

Constantin Ghioc Leave a comment

In this article I will show you how to upgrade vCenter Server Appliance running 6.5 to the target version of 6.7. I will upgrade an embedded deployment (as per vCenter Server and Platform Services Controller Deployment Types: all services bundled with the Platform Services Controller are deployed together with the vCenter Server services on the same virtual machine or physical server).

The upgrade procedure consists in two steps:

  1. Stage 1 – Deploy the OVA File of the new vCenter Server Appliance with an embedded Platform Services Controller
  2. Stage 2 – transfer the data and setup the newly deployed vCenter Server Appliance

In this article I will cover Stage 1 (deployment of a new vCSA 6.7). In a later article I will cover Stage 2 (data migration from the old 6.5 vCSA to the new 6.7 vCSA).

Read More

New Security Patch – vCenter Server 6.5 U1g

Constantin Ghioc Leave a comment

VMware released today a new security patch, vCenter Server 6.5 U1g, build number 8024368. This release contains few VMware software fixes, security fixes, and third-party product fixes. The new patch can already be downloaded from My VMware portal (VMware-VCSA-all-6.5.0-8024368.iso, 3.36 GB). Patch is also available through standard online repository.

Updated packages in vCSA (Photon OS):

vCenter Server 6.5 U1g provides part of the hypervisor-assisted guest mitigation of CVE-2017-5715 for guest operating systems (Spectre-2 vulnerability). For more details on this mitigation, see VMware Security Advisory VMSA-2018-0004.3.

The patch also fixes an issue where in some cases the inclusion of an ESXi host into an empty Enhanced vMotion Compatibility (EVC) cluster would fail even though the host met the requirements.

Read More