VMware Aria Operations 8.18 Hot Fix 2 is a public Hot Fix that addresses the following issues:
The following CVEs have been resolved as of version 8.18 Hot Fix 2:
Note: Inclusion of a given CVE in the following table does not imply exploitability of said CVE.
Component Name | CVE |
apache | CVE-2024-40725 |
CVE-2024-40898 | |
bind | CVE-2024-1975 |
CVE-2024-4076 | |
openssl | CVE-2023-0464 |
CVE-2023-0465 | |
CVE-2023-0466 |
VMware Aria Operations 8.18
VMware Aria Operations 8.18 Hot Fix 2 can only be applied to 8.18.0 environment.
Note: Upgrading from older versions directly to this Hotfix is not supported. You must upgrade to 8.18.0 before applying this HotFix.
Important: Take snapshots of each of the VMware Aria Operations nodes before applying the Hot Fix by following How to take a Snapshot of VMware Aria Operations.
Note: You will need to login to the portal first to allow download of the file using the direct links below.
Release Name | Release Date | Build Number | UI Build Number | File Name |
VMware-Aria-Operations-8.18-HF2 | 8/21/2024 | 24227001 | 24226560 | vRealize_Operations_Manager_With_CP-8.10.x-to-8.18.24227001.pak |
vrlcm-vrops-8.18.0_HF2 | 8/22/2024 | 24227001 | vrlcm-vrops-8.18.0-HF2.patch |
* Aria Operations HF2 for version 8.18 to be used in Aria Suite Lifecycle.
Once the update is complete delete the snapshots you made before the software update.
The patch is applicable only on Aria Operations 8.18.0 GA.
Applying the patch on 8.18.1 or 8.18.2 will throw below errors:
If we trying to check the box 'Install the PAK file even if it is already installed.'
It fails during Postgres DB upgrade.