Dirmann Technology Consultants
Team! If you have separation of duties in your environment, which you probably should, you may find yourself in need of delegating access to perform certain tasks and functions from time to time. That is the basis for this post. I recently was asked if it were possible to delegate administrative tasks in VMware HCX …
Team! We’re about to enter a topic of conversation that, much like everything else in the information technology industry, has hundreds of different ways to be implemented and hundreds of other opinions on the strategy of it. Yeah, you know what I’m talking about. We’re touching on the topic of templates. I recently had a …
Team: Earlier today, VMware released an advisory for their Carbon Black product. It hits hard at a grueling 9.1 rating on CSSv3. It’s a remote code execution vulnerability, which is why it has been rated so high. If you’re making use of App Control versions 8.5.x to 8.8.x, you’re affected. The good news is that …
Team! This just in! Today, VMware released an advisor to all users of vCenter and/or VMware Cloud Foundations for two different vulnerabilities found in both the vCenter Server VMware Cloud Foundation (vCenter) products – a remote code execution (labeled as CRITICAL with a rating of 9.8) and an authentication mechanism issue (labeled as MODERATE with …
New vCenter and VCF Vulnerability Discovered with 6.5 – 9.8 CVSSv3 Rating! Read More »
Team: Yesterday on my LinkedIn I announced that VMware had just release a security advisory that affected vRealize Business for Cloud. This vulnerability got a whopping 9.8 as a CSSv3 base score. If you’re not familiar with how vulnerabilities are rated, that equates to “you should remediate this situation….now!” The max score is a 10, …
vRealize Business for Cloud – Critical 9.8 / 10 Vulnerability Read More »
Team: Real quick! VMware announce a newly discovered vulnerability in NSX-T 3.1 that weighs in at a base score of 7.5 of 10 in CSSSv3, giving it an ‘Important’ label. This particular exploit will allow unauthorized privilege escalation through the local ‘guest’ account. The Workaround Luckily, this one doesn’t make you jump through hoops, stand …
Team! Two days ago VMware announced that vSphere 7.0 Update 2 is now generally available! This release is packed with a bunch of great features, as always! There’s one the really hit home with me too. I’ve already had a few discussions with some people about it and, for me, the introduction of the Native …
VMware vSphere 7.0 Update 2 – Native Key Provider Read More »
Team! Hey everyone! It’s Monday, but for some reason I already thought it was Tuesday. Must be one of those weeks already! ? A lot of talk regarding security recently. Whether it’s additional findings and what’s to come of the SolarWinds breach, another side-channel attack in Intel processors, or these critical and important vulnerabilities found …
VMware vCenter, VCF, and ESXi Critical/Important Vulnerabilities Read More »
Team! Happy Thursday! Tonight, I want to write about a topic that I haven’t seen a lot of information circulating about it, but it probably should be. Now more than ever information security is in the forefront of everyone’s mind after the unprecedented breach of SolarWinds and other parties. The timeline and scale of this …
