VMware Cloud Community
mbartle
Enthusiast
Enthusiast
‎12-13-2021 05:59 AM

Has anyone applied the LOG4SHELL mitigations for vCenter ?

Here is the general advisory 

https://www.vmware.com/security/advisories/VMSA-2021-0028.html

 

Here are the vCenter 7.x appliance specific steps.

https://kb.vmware.com/s/article/87081?lang=en_US

Has anyone applied these yet ? Ideally I prefer to wait for an official patch from VMware

0 Kudos
4 Replies
lhedrick
Enthusiast
Enthusiast
‎12-22-2021 12:16 PM

I ran both Pythion scripts on several 6.7.0U3p VCSA appliances. No issues...
https://kb.vmware.com/s/article/87081
and
https://kb.vmware.com/s/article/87088

There is now just a single script that needs to be run...

0 Kudos
stadi13
Hot Shot
Hot Shot
‎12-23-2021 06:17 AM

@mbartleI implemented the workaround with the vc_log4j_mitigator.py which can be found here: https://kb.vmware.com/s/article/87081?lang=en_US

I implemented the workaround successfull on 19 vCenters until now. The script works very good. When you run it again in drymode (python vc_log4j_mitigator.py -r) you can check, if there are any vulnerable files left.

 

0 Kudos
stadi13
Hot Shot
Hot Shot
‎12-23-2021 06:20 AM

@lhedrickThe KB https://kb.vmware.com/s/article/87088 is obsolete since 21.12.2021. There is a new script released and these steps integrated into https://kb.vmware.com/s/article/87081

0 Kudos
Alex_Romeo
Leadership
Leadership
‎12-23-2021 06:47 AM

Hi,

Yes, I applied the workaround 5 days ago on 24 vCenter. I had no problems.

For now the solution is to apply the Python workaround. The fix is included in the next "minor release" of each vCenter release.

 

regards,

AR

Blog: https://www.aleadmin.it/
0 Kudos