SurajRoy
Enthusiast
Enthusiast

is vCenter 6.0 windows machine impacted by CVE-2021-44228?

I have a old vCenter environment running 6.0.

As per the KB https://kb.vmware.com/s/article/87081   vCenter 6.5 and above is impacted.

Can we confirm if vCenter 6.0 is impacted or not?

0 Kudos
4 Replies
fabio1975
Expert
Expert

Ciao 

yes it is impacted

Check this kb:

Workaround instructions to address CVE-2021-44228 in vCenter Server Windows (87096) (vmware.com)

 

.....

vCenter Server 6.0 on Windows

vCenter Server 6.0 is no longer in general support but has also been identified as vulnerable to CVE-2021-44228 due to the Performance Charts service. Mitigation steps have been identified as follows:
  1. Backup and edit C:\Program Files\VMware\vCenter Server\perfcharts\wrapper\conf\wrapper.conf on the appliance and add a new line below "wrapper.java.additional.13=-Dlog4j.configurationFile=file:" with the following content:
wrapper.java.additional.14=-Dlog4j2.formatMsgNoLookups=true
  1. Save the file and restart the VMware Performance Charts service

 

SurajRoy
Enthusiast
Enthusiast

Thank you Fabio for your immediate response.

I think I am good as I am running vCenter 6.0 U3h and as per KB : " vCenter Server Appliance versions 6.0GA - 6.0U3i are not vulnerable. However, versions 6.0 U3a/b/c/d/e/f were found to contain the following unused vulnerable jar files. 

So no action needed for U3h.

Tags (1)
0 Kudos
fabio1975
Expert
Expert

Ciao 

Ok, but the post title is "is vCenter 6.0 windows machine..." but now you talk of vCenter Server Appliance ....

I don't understand 🙂 

 

 

0 Kudos
SurajRoy
Enthusiast
Enthusiast

My bad yes, we have Windows and I need to follow the instruction shared in the KB 🙂

0 Kudos