Re: is vCenter 6.0 windows machine impacted by CVE...

SurajRoy · ‎12-13-2021

I have a old vCenter environment running 6.0.

As per the KB https://kb.vmware.com/s/article/87081 vCenter 6.5 and above is impacted.

Can we confirm if vCenter 6.0 is impacted or not?

fabio1975 · ‎12-13-2021

Ciao

yes it is impacted

Check this kb:

Workaround instructions to address CVE-2021-44228 in vCenter Server Windows (87096) (vmware.com)

.....

vCenter Server 6.0 on Windows

vCenter Server 6.0 is no longer in general support but has also been identified as vulnerable to CVE-2021-44228 due to the Performance Charts service. Mitigation steps have been identified as follows:

Backup and edit C:\Program Files\VMware\vCenter Server\perfcharts\wrapper\conf\wrapper.conf on the appliance and add a new line below "wrapper.java.additional.13=-Dlog4j.configurationFile=file:" with the following content:

wrapper.java.additional.14=-Dlog4j2.formatMsgNoLookups=true

Save the file and restart the VMware Performance Charts service

Fabio

Visit vmvirtual.blog
If you're satisfied give me a kudos

SurajRoy · ‎12-13-2021

Thank you Fabio for your immediate response.

I think I am good as I am running vCenter 6.0 U3h and as per KB : " vCenter Server Appliance versions 6.0GA - 6.0U3i are not vulnerable. However, versions 6.0 U3a/b/c/d/e/f were found to contain the following unused vulnerable jar files.

So no action needed for U3h.

fabio1975 · ‎12-13-2021

Ciao

Ok, but the post title is "is vCenter 6.0 windows machine..." but now you talk of vCenter Server Appliance ....

I don't understand 🙂

Fabio

Visit vmvirtual.blog
If you're satisfied give me a kudos

SurajRoy · ‎12-13-2021

My bad yes, we have Windows and I need to follow the instruction shared in the KB 🙂

All

is vCenter 6.0 windows machine impacted by CVE-2021-44228?

vCenter Server 6.0 on Windows