CVE 2021-22005In a vCSA HA must we run the script ...

enriquej1 · ‎09-27-2021

To solve vulnerability CV· 2021-22005, for a HA Vcenter, do we need run the scrip VMSA-2021.0020.py in the Vcenter-Active, Vcenter-Passive and Vcenter-Witness?

baijup · ‎09-27-2021

@enriquej1 Yes, you need to apply the workaround in all nodes. If the script is failing in Passive node, please follow the manual workaround section in the KB (Step 1 to 12 in "Option 2 -- Implement The Workaround Via Manual Steps", service restart steps (steps 13 & 14) are not needed as service will be down in Passive node). Technically, Services will never come up in Witness node. Still, worth applying the workaround on all nodes.

enriquej1 · ‎09-28-2021

Thanks Baijup.

We have applied it in all nodes with no problems.

All

CVE 2021-22005In a vCSA HA must we run the script in Vcenter-Active, pasive, and Witness?