VMware:
Vulnerable Products:
- ESXi hosts
- Windows version of vCenter Server (only Atlanta)
- vCenter Server appliance
- VMware Client Integration Plug-in
- vCenter Single Sign-On VMware Directory Service
Fixes:
- ESXi hosts
- Verify you version installed and only upgrade to the patch specified in the following KB:
- Running following commands to re-issue the certificate:
- cd /etc/vmware/ssl and ls -l
- mv rui.crt /vmfs/volumes/ATL01PRDCS01_WINBUILD_01_01/VMH04orig.rui.crt
- mv rui.key /vmfs/volumes/ATL01PRDCS01_WINBUILD_01_01/VMH04orig.rui.key
- /sbin/generate-certificates
- chmod +t rui.crt
- chmod +t rui.key
- Change root password
- Reboot the server
- Reconnect host again to vCenter
- Windows version of vCenter Server
- Verify you version installed and only upgrade to the patch specified in the following KB:
- In my instance I upgraded vCenter server from 5.5 build 1476327 to 5.5.0c build 1750597
- Perform steps as listed below for SSO certificate recreate
- Now you can upgrade to latest 5.5 Update 1a build 1750787? (KB: 2076692)
- Verify log on as accounts for VMware services after upgrade. For some reason mine changed to the user as was logged in as so some plugins did not start.
- vCenter Server appliance
- Upgrade to latest release to patch Client Integration Plug-in.
- vCenter Single Sign-On VMware Directory Service
- recreate certificates (reference KB 2076692)
- change password
- VMware Client Integration Plug-in
- Download from webpage and upgrade for all users accessing vCenter web client.
Good KB to subscribe too for updates on this issue:
JohannStander 