Implementing the vCenter 6.7 Update 3f patch in a VMware Cloud Foundation 3.9.1 environment.

Article ID: 325203

Products

VMware

Issue/Introduction

This document provides steps to patch a VMware Cloud Foundation 3.9.1 deployment with the vCenter 6.7u3f security patch.

For more information on this vulnerability, please refer to the advisory VMSA-2020-0006 and also the vCenter 6.7 U3f Release Notes.

Symptoms:
  • vCenter Server 6.7 (embedded or external PSC) prior to 6.7u3f is affected by CVE-2020-3952 if it was upgraded from a previous release line such as 6.0 or 6.5.
  • VMware Cloud Foundation introduced vCenter 6.7 with VCF 3.5 and 6.7 U3b with VCF 3.9.1. Between VMware Cloud Foundation 3.5 and VMware Cloud Foundation 3.9.1 there are different versions of vCenter Server ranging from 6.7 u1, u2 and u3.
  • Vulnerable environments are VMware Cloud Foundation deployments that were migrated from 2.3.x to 3.5.1, and any that were upgraded from 3.0.x to 3.5 and beyond. These environments require the vCenter Server 6.7u3f security patch.
  • VMware Cloud Foundation deployments that were fresh installs of version 3.5 and beyond are not impacted by this vulnerability.


Resolution

This is a known issue. Please see the workaround below if you are affected by this vulnerability.

Workaround:
  1. Using a file transfer utility, such as WinSCP, copy the /opt/vmware/vcf/lcm/lcm-tools directory from the VMware SDDC Manager VM to a computer with internet access.
  2. In the /lcm-tools/conf/application-prod.properties file, change the lcm.depot.adapter.remote.index.filename property from "index.v3" to "index.offline".
     Example:

     lcm.depot.adapter.remote.index.filename=index.offline

  3. To download the vCenter Server bundle (bundle-22962), the tool must be run with the bundle-specific ID. Open a command prompt on the computer with internet access and run the following command:

     ./lcm-bundle-transfer-util --download --outputDirectory <Output-dir> --depotUser 'Customer [email protected]' --bundle bundle-22962

  4. Open an SSH session to the SDDC Manager VM and change to the root user:

     su -

  5. Create a directory on the SDDC Manager VM:

     mkdir /nfs/vmware/vcf/nfs-mount/VC-67

  6. Once the bundle is downloaded, copy the update bundle directory from the external computer to the /nfs/vmware/vcf/nfs-mount/VC-67 directory on the SDDC Manager VM.
  7. On the SDDC Manager VM, change the ownership and permissions of the uploaded bundles:

     chmod -R 0777 /nfs/vmware/vcf/nfs-mount/VC-67
     chown -R vcf_lcm:vcf /nfs/vmware/vcf/nfs-mount/VC-67

  8. In the SDDC Manager SSH session, upload the bundle file to the internal LCM repository:

     cd /opt/vmware/vcf/lcm/lcm-tools/bin
     ./lcm-bundle-transfer-util -upload -bundleDirectory /nfs/vmware/vcf/nfs-mount/VC-67/ --bundle bundle-22962

  9. The vCenter Server update bundle should now be available in the SDDC Manager UI. Proceed with applying the vCenter patch bundle.
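
The property change in the second step of the workaround, as an added example that is not part of the original article or of VMware's tooling: a shell function that rewrites lcm.depot.adapter.remote.index.filename in the copied application-prod.properties, keeps a .bak copy, and verifies the result. The function names, return codes and sample file contents are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not VMware code): switch the LCM depot index to "index.offline"
# in a copied application-prod.properties, with a backup and a verification.
PROP='lcm.depot.adapter.remote.index.filename'
PROP_RE='lcm\.depot\.adapter\.remote\.index\.filename'   # dots escaped for sed/grep

# Print the property's current value with any CR or trailing blanks removed.
get_index_filename() {
    sed -n "s/^[[:space:]]*${PROP_RE}[[:space:]]*=[[:space:]]*//p" "$1" |
        tr -d '\r' | sed 's/[[:space:]]*$//'
}

# set_index_filename FILE [VALUE]  (VALUE defaults to index.offline)
# Returns 0 on success, 2 bad arguments, 3 property not present exactly once,
# 4 write failure, 5 verification failure (original restored from FILE.bak).
set_index_filename() {
    file=$1
    new=${2:-index.offline}
    [ -f "$file" ] || return 2
    case $new in ''|*[!A-Za-z0-9._-]*) return 2 ;; esac   # keep sed replacement safe
    # Commented-out or duplicated entries are refused rather than guessed at.
    count=$(grep -c "^[[:space:]]*${PROP_RE}[[:space:]]*=" "$file" || true)
    [ "$count" -eq 1 ] || return 3
    # Already exactly "key=value" with no stray whitespace: leave the file alone.
    if grep -qxF "${PROP}=${new}" "$file"; then return 0; fi
    cp -p "$file" "$file.bak" || return 4
    # Rewrites the whole line, so a trailing blank or CR on it is dropped.
    sed "s/^[[:space:]]*${PROP_RE}[[:space:]]*=.*/${PROP}=${new}/" \
        "$file.bak" > "$file" || return 4
    if [ "$(get_index_filename "$file")" != "$new" ]; then
        cp -p "$file.bak" "$file"
        return 5
    fi
    return 0
}

# Demo on a constructed file; run the script with --demo to see it.
demo() {
    tmp=$(mktemp -d) || return 1
    # Constructed sample content, not the shipped properties file.
    printf '%s\n' '# constructed sample' \
        'lcm.depot.adapter.remote.index.filename=index.v3' \
        'example.other.property=unchanged' > "$tmp/application-prod.properties"
    set_index_filename "$tmp/application-prod.properties" &&
        get_index_filename "$tmp/application-prod.properties"
    rm -rf "$tmp"
}
if [ "${1:-}" = "--demo" ]; then demo; fi
```
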
 
 


Additional Information

Impact/Risks:
This process requires the environment to be on VMware Cloud Foundation 3.9.1, so environments on lower versions of VMware Cloud Foundation must be upgraded to 3.9.1 before consuming this patch. A skip-level upgrade can be used to get to 3.9.1.