This article details the frequently asked questions regarding VMSA-2021-0018 in relation to vRealize Operations.

VMware vRealize Operations 8.3.x
VMware vRealize Operations 8.1.x
VMware vRealize Operations 8.2.x
VMware vRealize Operations 8.0.x
VMware vRealize Operations 8.4.x
VMware vRealize Operations Manager 7.5.x

FAQ

Q: Who or what is exposed to this vulnerability?
A:  All customers running an impacted version of vRealize Operations.
 
Q: How do I determine if an installation is vulnerable?
A: Any deployment of vRealize Operations build prior to the Fixed Version (VMSA-2021-0018) is affected. 
     vRealize Operations releases after 8.4 will not be impacted by this vulnerability.
 
Q: What do I need to do to eliminate this vulnerability?
A: VMware recommends that customers on an affected release of vRealize Operations update to the corresponding fixed version in VMSA-2021-0018. 
 
Q: I don't want to or can't patch/upgrade.  Are there other options to remediate?
A: No.  For greater detail, see the corresponding KB articles linked below or in VMSA-2021-0018.

Q: Are EoGS versions such as vRealize Operations 6.7 impacted?
A. We cannot publish information on EoS product lines.

Q: Is there a Security Patch for vRealize Operations 8.0.0?
A: Yes, install the Security Patch for vRealize Operations 8.0.1 which will upgrade the appliance to vRealize Operations 8.0.1 and patch the vulnerabilities.

Q: Is there a Security Patch for vRealize Operations 8.1.0?
A: Yes, install the Security Patch for vRealize Operations 8.1.1 which will upgrade the appliance to vRealize Operations 8.1.1 and patch the vulnerabilities.