Dirmann Technology Consultants

Virtualization

New vCenter and VCF Vulnerability Discovered with 6.5 – 9.8 CVSSv3 Rating!

Team! This just in! Today, VMware released an advisor to all users of vCenter and/or VMware Cloud Foundations for two different vulnerabilities found in both the vCenter Server VMware Cloud Foundation (vCenter) products – a remote code execution (labeled as CRITICAL with a rating of 9.8) and an authentication mechanism issue (labeled as MODERATE with …

New vCenter and VCF Vulnerability Discovered with 6.5 – 9.8 CVSSv3 Rating! Read More »

vRealize Business for Cloud – Critical 9.8 / 10 Vulnerability

Team: Yesterday on my LinkedIn I announced that VMware had just release a security advisory that affected vRealize Business for Cloud. This vulnerability got a whopping 9.8 as a CSSv3 base score. If you’re not familiar with how vulnerabilities are rated, that equates to “you should remediate this situation….now!” The max score is a 10, …

vRealize Business for Cloud – Critical 9.8 / 10 Vulnerability Read More »

New NSX-T 3.1 Vulnerability (7.5 out of 10)

Team: Real quick! VMware announce a newly discovered vulnerability in NSX-T 3.1 that weighs in at a base score of 7.5 of 10 in CSSSv3, giving it an ‘Important’ label. This particular exploit will allow unauthorized privilege escalation through the local ‘guest’ account. The Workaround Luckily, this one doesn’t make you jump through hoops, stand …

New NSX-T 3.1 Vulnerability (7.5 out of 10) Read More »

VMware vSphere 7.0 Update 2  – Native Key Provider

Team! Two days ago VMware announced that vSphere 7.0 Update 2 is now generally available! This release is packed with a bunch of great features, as always! There’s one the really hit home with me too. I’ve already had a few discussions with some people about it and, for me, the introduction of the Native …

VMware vSphere 7.0 Update 2  – Native Key Provider Read More »

VMware vCenter, VCF, and ESXi Critical/Important Vulnerabilities

Team! Hey everyone! It’s Monday, but for some reason I already thought it was Tuesday. Must be one of those weeks already! 😊 A lot of talk regarding security recently. Whether it’s additional findings and what’s to come of the SolarWinds breach, another side-channel attack in Intel processors, or these critical and important vulnerabilities found …

VMware vCenter, VCF, and ESXi Critical/Important Vulnerabilities Read More »

vSAN 7.0 Update 1 – Shared Witness for Two-Node Clusters

Team! It’s Sunday! Super Bowl Sunday, to be exact. And what better way to spend Super Bowl Sunday than to sit down at the computer and type up an article about VMware’s vSAN. Glad we’re on the same page with that one! For those that don’t know me, I love vSAN. I vouch for this …

vSAN 7.0 Update 1 – Shared Witness for Two-Node Clusters Read More »