VMware vRealize Orchestrator


VMware vRealize Automation 8.8.1 Is Now Available

VMware vRealize Automation 8.8.1 was released on June 9, 2022. With this release, VMware has provided security updates and new features, including support for the vRealize Automation Extensibility (vREx) Proxy.

VMware vRealize Automation 8.8 Is Now Available

VMware has released the latest update to the vRealize Suite, vRealize Automation 8.8, on April 28, 2022. With this release, VMware has provided several enhancements and new features, including support for multi-level approval policies, enhanced custom naming for deployment resources, and support for legacy vRealize Orchestrator workflow presentations within vRealize Automation custom forms.

VMware vRealize Automation 8.7 Is Now Available

Reading time: 5 minutes
VMware has released the latest update to the vRealize Suite, vRealize Automation 8.7, on March 22, 2022. With this release, VMware has provided several enhancements and new features, including a next-generation On-Prem ABX Engine, enhancements to vRealize Automation SaltStack Config, additional OS support for SaltStack Config SecOps Compliance, minor UI changes, and several changes related to deployments. What’s New  Updates included in vRealize Automation 8.7.0:  Next-generation On-Prem ABX Engine - New Function as a Service (FaaS) engine is much faster, fixes numerous issues with memory limits, and introduces memory-based throttling.

VMSA-2021-0028 - VMware's Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)

Unless you’ve been living under a rock the past couple days, you’ve likely been seeing many articles regarding CVE-2021-44228 which describes a remote code execution vulnerability within Apache Log4j. Apache Log4j is a Java-based logging utility used by many applications across the world, and as such, this vulnerability is a huge issue due to how easy it is to exploit as well as the sheer number of vulnerable devices. Like most companies with Java based applications, many of VMware’s products utilize Log4j to provide application logging capabilities.

VMSA-2020-0009: vRealize Operations Authentication Bypass and Directory Traversal Vulnerabilities

Reading time: 2 minutes
I just wanted to provide a quick post to bring attention to the latest VMware Security advisory VMSA-2020-0009. The products affected include: vRealize Operations 7.5.0 vRealize Operations 8.0.x vRealize Operations 8.1.0 If you utilize the vRealize Operations Application Remote Collector (ARC) appliance to monitor operating systems or applications via the Telegraf agents, you should immediately implement the workaround documented in VMware KB79031. While two vulnerabilities were announced, both relating to Salt, an open-source project by SaltStack, the authentication bypass vulnerability (CVE-2020-11651) received a CVSSv3 base score of 10.

1 / 2

Search

Get Notified of Future Posts

Follow Me

Twitter Icon
LinkedIn Icon
RSS Icon

Recent Posts