vToolbelt – June 2021

byArron King 06.10.2021 vToolBelt

vCenter Server Security Advisory – VMSA-2021-0010

Last week, VMware released information on a critical issue affecting Plug-ins on vCenter Server.  VMware recommend customers patch or implement the workaround as soon as possible.

The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in multiple plug-ins in vCenter (some of which are enabled by default). VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.  The full notice (including list of plug-ins) can be read at https://www.vmware.com/security/advisories/VMSA-2021-0010.html

This affects certain versions of vCenter Server (Windows and the VCSA alike).  The work around is to disable the affected plug-ins in vCenter – KB 83829.  This does impact management and is considered a short-term stop gap.

Upcoming Events

VMUG Academy: vSphere with Tanzu Training Event
Tuesday, June 8, 2021
12pm EST

Overview:

vSphere with Tanzu puts you in the unique position of being able to take advantage of the industry transformation towards next generation apps and containers by embedding Kubernetes directly into the control plane of vSphere. So, you can leverage your existing vSphere knowledge to easily be able to run and manage containers and Kubernetes workloads.

Join this exclusive educational event for live training and information from VMware experts, who will take you through a curated and customized set of hands-on modules on vSphere with Tanzu.

Register

 

VMworld 2021
October 5-7

Save the date! VMworld will be On-line this year.  More information and Registration details  will be available in the next few weeks.

 

Product Support Watch

The following products are nearing the End of General Support.  You can find the full list on the VMware Lifecycle Product Matrix.

Horizon View / Workspace ONE

  • App Volumes 2.17 – 7/02/2021
  • Dynamic Environment Manager 9.8 – 7/02/21
  • Dynamic Environment Manager 9.9 – 9/17/21
  • Horizon 7.10 ESB – 9/17/21
  • Identity Manager Connector 19.03 – 7/01/2021
  • Identity Manager 3.3.2- 10/17/2021
  • Workspace ONE Access 20.01 – 7/30/21
  • Workspace ONE UEM Console 1912 (SaaS Only) – 6/10/21
  • Workspace ONE UEM Console 2001 – 8/26/21
  • Workspace ONE UEM Console 2003 (SaaS Only) -9/6/21
    Workspace ONE UEM Console 2004 (SaaS Only) – 10/3/21

NSX

  • NSX Advanced Load Balancer 18.2 – 8/31/21
  • NSX-T Data Center 2.5 – 9/19/21
  • HCX 3.5.3 – 10/30/21

vRealize Suite

  • Lifecycle Manger 8.0, 8.1, 8.2 – 10/17/21
  • Log Insight 4.8 – 10/31/21
  • Log Insight 8.0, 8.1 – 10/17/21
  • vRealize Operations Manager  8.0.1, 8.1 – 10/17/21

Notes from the Field

Take a look at the all new VMware Customer Connect Learning!  This is a portal to learning and education on using VMware Products that is packaged in bite-sized consumable pieces.

VMware has a new CEO!  Take a few minutes to get to know Raghu Raghuram.

When was the last time you took a moment for a career review? If you have questions about what skills and experience you need to take the next step – check out The Virtualization Professional’s Career Guide.

What do you really know about VMware Snapshots?  Test your knowledge with the Managing VMware Snapshots guide with best practices.

vToolbelt - May 2021

vToolbelt – July 2021
Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.