Remediating VMSA-2021-0002 – Potential Issues

In late February, VMware published their second security advisory for 2021. It contained contained three items:

  • CVE-2021-21972 – A remote code execution vulnerability in vCenter that has a CVSS score of 9.8
  • CVE-2021-21974 – A vulnerablity in OpenSLP, which is used in ESXi. This one has a CVSS score of 8.8
  • CVE-2021-21973 – Another vCenter vulnerability that was rated with a CVSS score of 5.3

Given the product versions affected, most organisations with relatively up to date virtualisation infrastructure would be at risk from these items. While testing and simulating the update process, I ran into some issues that might be worth publishing for a broader audience.

Read more

vCenter 6.7 Update 2 – Code Capture

One of the very cool new features that came with the latest vCenter update is Code Capture. This feature allows you to “record” actions in the HTML 5 web client. When the “recording” is ended, Code Capture will generate PowerCLI.NET code. For those who used Exchange 2007, you may remember a similar feature in the GUI management console. At the end of each wizard, there was a summary of PowerShell code that would perform the same task you just finished.

Code Capture has been around for a while as part of the HTML 5 Client Web Fling. However, at the time, it was not appropriate for production use. With the feature being included in 6.7 Update 2, it now is appropriate for use.

Read more

Installing ElasticStack Beats on vCenter 6.7

I recently deployed a vCenter appliance to 6.7 after a power outage corrupted the 6.5 instance.  A followup task for the virtual appliance was getting the ElasticStack Beats (MetricBeat, Filebeat) installed again.  In this post, I will go through the process of installing the Beats and some of the minor issues I ran into.

Read more