Today, VMware released information pertaining to a new vulnerability discovered in vCloud Director! If you are running version 10.5 in your environment, you’re going to want to tune in because the vulnerability is rated at a whopping 9.8!
If you are running a greenfield deployment of vCloud Director 10.5.0, you are NOT affected. Furthermore, if you are running any Linux deployments, you are also in the clear. The vulnerability specifically applies to the following criteria – vCloud Director 10.5 appliance-based deployment that was upgraded from a previous version.
The good news is that VMware has made it easy to remediate the risk! And even better yet, there is no downtime associated with the necessary changes! Below, we’ve provided the link to both VMware’s KB article for remediation and the original security advisory. If you are affected, ensure that you get your change controls submitted and take care of this!
Paul Dirmann (vExpert PRO*, vExpert***, VCIX-DCV, VCAP-DCV Design, VCAP-DCV Deploy, VCP-DCV, VCA-DBT, C|EH, MCSA, MCTS, MCP, CIOS, Network+, A+) is the owner and current Lead Consultant at Dirmann Technology Consultants. A technology evangelist, Dirmann has held both leadership positions, as well as technical ones architecting and engineering solutions for multiple multi-million dollar enterprises. While knowledgeable in the majority of the facets involved in the information technology realm, Dirmann honed his expertise in VMware’s line of solutions with a primary focus in hyper-converged infrastructure (HCI) and software-defined data centers (SDDC), server infrastructure, and automation. Read more about Paul Dirmann here, or visit his LinkedIn profile.