6th December 2022

New Vulnerabilities Affecting VMware vCenter and ESXi Hosts – VMSA-2021-0002

VMware announced new vulnerabilities affecting vCenter and ESXi hosts. The CVSSv3 scores are high: 9.8 (critical) for vCenter and 8.8 (important) for ESXi. VMware thanked Mikhail Klyuchnikov of Positive Technologies for reporting this issue.

Response Matrix of Affected Systems

Solution for vCenter

This workaround disables the option to install and configure the vRops appliance automatically. Connect to the vCSA (vCenter) server over SSH, go to the file below and back it up.

/etc/vmware/vsphere-ui/compatibility-matrix.xml

Add the following line to this file.

<PluginPackage id = "com.vmware.vrops.install" status = "incompatible" />

Then restart the “vsphere-ui” service.

service-control --restart vsphere-ui

In the vCenter client plugins tab, we can see that the vRops client plugins are shown as incompatible.

On Windows-based vCenter servers, add the following line to the XML file “C:\ProgramData\VMware\vCenterServer\cfg\vsphere-ui\compatibility-matrix.xml”.

<PluginPackage id = "com.vmware.vrops.install" status = "incompatible" />

To undo this workaround, remove the line below and restart the vCenter interface service.

<PluginPackage id = "com.vmware.vrops.install" status = "incompatible" />
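
A check for whether the workaround line is actually in effect in compatibility-matrix.xml, parsing the XML rather than searching the text so that a commented-out or malformed entry is caught. This is an added example, not part of the original post or VMware's advisory; the function name and the wrapper elements in the sample data are assumptions.

```python
import sys
import xml.etree.ElementTree as ET

PLUGIN_ID = "com.vmware.vrops.install"  # id from the workaround line above
DEFAULT_PATH = "/etc/vmware/vsphere-ui/compatibility-matrix.xml"  # vCSA path above


def workaround_state(xml_data):
    """Return 'applied', 'missing', 'wrong-status' or 'malformed'."""
    try:
        root = ET.fromstring(xml_data)
    except ET.ParseError:
        # A broken manual edit (e.g. an unclosed tag) is reported, not ignored.
        return "malformed"
    # The parser drops comments, so a commented-out entry does not count,
    # and attribute spacing such as id = "..." is handled for us.
    entries = [el for el in root.iter()
               if el.tag.split("}")[-1] == "PluginPackage"
               and el.get("id") == PLUGIN_ID]
    if not entries:
        return "missing"
    if all(el.get("status") == "incompatible" for el in entries):
        return "applied"
    return "wrong-status"


# Constructed samples; the Matrix/pluginsCompatibility wrapper is an assumption.
APPLIED = """<Matrix>
  <pluginsCompatibility>
    <PluginPackage id = "com.vmware.vrops.install" status = "incompatible" />
  </pluginsCompatibility>
</Matrix>"""
COMMENTED_OUT = APPLIED.replace("<PluginPackage", "<!-- <PluginPackage").replace("/>", "/> -->")
UNCLOSED = APPLIED.replace("/>", ">")

if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else DEFAULT_PATH
    with open(path, "rb") as fh:  # bytes, so the XML declaration's encoding is honoured
        state = workaround_state(fh.read())
    print("{}: {}".format(path, state))
    sys.exit(0 if state == "applied" else 1)
```

Pass the Windows path as the first argument to check a Windows-based vCenter; the exit code is 0 only when the entry is present with status "incompatible".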

Reference:

https://www.vmware.com/security/advisories/VMSA-2021-0002.html

 
