Guidelines to address security vulnerabilities on VCF 4.3.x and VCF 4.4.+ releases as disclosed by VMSA-2022-0032
search cancel

Guidelines to address security vulnerabilities on VCF 4.3.x and VCF 4.4.+ releases as disclosed by VMSA-2022-0032

book

Article ID: 313857

calendar_today

Updated On:

Products

VMware Cloud Foundation

Issue/Introduction

This KB documents the remediation process for customers running VMware Cloud Foundation 4.3.x or 4.4.+.

Symptoms:
  • As documented in VMSA-2022-0032, vIDM 3.3.6  is impacted by the vulnerabilities listed in the advisory.
Since the VMware Cloud Foundation (VCF) 4.x versions bundle the impacted release of vIDM;  VCF 4.3.x and VCF 4.4.+ releases are similarly impacted by the vulnerabilities listed in the advisory.
 
 


Environment

VMware Cloud Foundation 4.4.x
VMware Cloud Foundation 4.3.x

Resolution

To resolve the issue, please follow the guidelines in the table below:

VCF Release

Resolution

VCF 4.3.x

Upgrade to VCF 4.4+ (following VCF upgrade guide, Upgrading to VMware Cloud Foundation 4.4 or 4.4.1 and then follow the remediation process for VCF 4.4.+)

VCF 4.4.x and VCF 4.5.x

Apply vIDM patch per KB 90399