VMware vSphere

While browsing the VMware Flings website, I recently ran across a Fling previously released in November of 2021 titled vSphere Diagnostic Tool that I found to be quite interesting. The tool is a set of python scripts that execute various diagnostic commands against a vCenter Server appliance. The scripts aim to rapidly isolate common known issues with vCenter Server appliances to aid and provide the end-user with information on how to remediate the problems.

On April 22, 2022 the Defense Information Systems Agency (DISA) released the third update to the VMware vSphere 6.7 STIG. Version 1, Release 3 contains minor changes to the VMware vSphere 6.7 Photon OS STIG.

For several years, VMware has been adding new integration capabilities into new releases of VMware Tools. These capabilities often supported VMware products, including vRealize Operations, NSX, AppDefence, and Carbon Black. The latest product to be integrated into VMware Tools 12.0.0 is VMware vRealize SaltStack Config. VMware Tools 12.0.0 now includes the ability to automate the deployment of the Salt Minion software utilizing vSphere virtual machine guest variables. This new integration makes it easier than ever to deploy new Salt Minions to both new and existing virtual machines.

While I will admit that I’m a little bit behind on this one, I’ve finally put together my vRealize Operations compliance content for the VMware vSphere 6.7 STIG that was released by DISA earlier this year. The VMware vSphere 6.7 STIG release was quite different from the previous releases and includes 12 separate STIGs. Not only are there compliance checks related to Virtual Machines, ESXi hosts, and the vCenter Server application, there are also STIGs for various services that make up the vCenter Server Appliance (VCSA).

Unless you’ve been living under a rock the past couple days, you’ve likely been seeing many articles regarding CVE-2021-44228 which describes a remote code execution vulnerability within Apache Log4j. Apache Log4j is a Java-based logging utility used by many applications across the world, and as such, this vulnerability is a huge issue due to how easy it is to exploit as well as the sheer number of vulnerable devices. Like most companies with Java based applications, many of VMware’s products utilize Log4j to provide application logging capabilities.