To solve vulnerability CV· 2021-22005, for a HA Vcenter, do we need run the scrip VMSA-2021.0020.py in the Vcenter-Active, Vcenter-Passive and Vcenter-Witness?
@enriquej1 Yes, you need to apply the workaround in all nodes. If the script is failing in Passive node, please follow the manual workaround section in the KB (Step 1 to 12 in "Option 2 -- Implement The Workaround Via Manual Steps", service restart steps (steps 13 & 14) are not needed as service will be down in Passive node). Technically, Services will never come up in Witness node. Still, worth applying the workaround on all nodes.
We have applied it in all nodes with no problems.