Applying vCenter Server 7.0 U3r (7.0.3.02000-24026615) patch on VMware Cloud Foundation for VCF 4.x releases
Article ID: 373788
Products
VMware Cloud Foundation 4.x
Issue/Introduction
As documented in VMSA-2024-0012, all versions of the vCenter Server 7.0 appliance that are prior to 7.0 Update 3r are affected by the vulnerabilities listed in the advisory.
Also, all VMware Cloud Foundation (VCF) 4.x versions are impacted by the vulnerabilities listed in the advisory.
Note: Any VCF 4.x customer that patches to vCenter Server version 7.0 U3r will be limiting their forward upgrade to VCF 5.2 only (8.0 U3).
Environment
This article is for VCF 4.x customers who are running a mixed BOM within the workload domain (WLD) and would like to mitigate the vulnerabilities listed in VMSA-2024-0012.
Resolution
Perform the steps below on each VMware vCenter Server VM deployed in your VMware Cloud Foundation environment:
1. Take concurrent powered-off snapshots of the vCenter Servers in the SSO domain prior to patching.
2. Apply the VMware vCenter Server 7.0 Update 3r patch to all vCenter Servers (Management & VI Domain) in the environment using VAMI.
Perform the steps below on each SDDC Manager VM deployed in your Cloud Foundation environment:
1. Take a snapshot of the SDDC Manager VM.
2. SSH to SDDC Manager as the vcf user and su to root.
3. Get the vCenter ID from the VCF inventory:
    curl localhost/inventory/vcenters | json_pp
   The "id" field in the response corresponds to the vCenter ID. The "version" field for each vCenter gives its current version.
4. Update the VCF inventory for the vCenter Servers.
   Note: Repeat the commands below for all vCenter Servers that were upgraded, using their corresponding vCenter ID.
   <SDDC_Manager_FQDN> = Fully qualified domain name of SDDC Manager.
   <vCenter_Id> = ID of the vCenter for which the version is to be updated in the VCF inventory.
   The build number of vCenter Server 7.0 Update 3r is 24026615, so the version that needs to be inserted into the file is 7.0.3.02000-24026615.
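Added example, not part of the original article and not the update commands referred to above: a small Python check that reads the output of the inventory query (curl localhost/inventory/vcenters) and lists the vCenter IDs whose recorded version is still below 7.0.3.02000-24026615. It assumes the response is a JSON array of objects carrying the "id" and "version" fields described above; the sample data, the function names and the script name are constructed for illustration.

```python
import json
import re
import sys

TARGET_VERSION = "7.0.3.02000-24026615"  # vCenter Server 7.0 U3r, from the article
TARGET_BUILD = int(TARGET_VERSION.rsplit("-", 1)[1])

# Matches the <version>-<build> form used in the article.
VERSION_RE = re.compile(r"^(\d+(?:\.\d+)+)-(\d+)$")


def build_of(version):
    """Return the build number from '<version>-<build>', or None if malformed."""
    m = VERSION_RE.match(version or "")
    return int(m.group(2)) if m else None


def stale_vcenters(inventory):
    """Return (id, version, reason) for each entry not yet recorded at U3r."""
    stale = []
    for vc in inventory:
        vc_id = vc.get("id", "<missing id>")
        version = vc.get("version")
        build = build_of(version)
        if build is None:
            # Missing or malformed version: report it rather than skip it.
            stale.append((vc_id, version, "unparseable version"))
        elif build < TARGET_BUILD:
            stale.append((vc_id, version, "inventory older than U3r"))
    return stale


# Constructed sample response; the ids and the older version are made up.
SAMPLE = json.loads("""[
  {"id": "11111111-aaaa-4bbb-8ccc-000000000001", "version": "7.0.3.01000-20000001"},
  {"id": "11111111-aaaa-4bbb-8ccc-000000000002", "version": "7.0.3.02000-24026615"},
  {"id": "11111111-aaaa-4bbb-8ccc-000000000003"}
]""")

if __name__ == "__main__":
    # Intended use: curl localhost/inventory/vcenters | python3 check_vc_inventory.py
    raw = "" if sys.stdin.isatty() else sys.stdin.read()
    data = json.loads(raw) if raw.strip() else SAMPLE
    for vc_id, version, reason in stale_vcenters(data):
        print(f"{vc_id}\t{version}\t{reason}")
```

An empty result after the inventory update means every vCenter entry is recorded at build 24026615 or later.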