The version of the VMware Aria Operations for Logs (previously VMware vRealize Log Insight) program running on the remote system is 8.10.2. As a result, it is vulnerable to a remote code execution vulnerability caused by dangerous deserialization. An unauthenticated, a threat actor with network access to VMware Aria Operations for Logs can exploit this to execute arbitrary code as root.
VMware Aria Operations for Logs (formerly vRealize Log Insight).
CVE(s)
CVE-2023-20864, CVE-2023-20865
Synopsis
VMware Aria Operations for Logs (Operations for Logs) update addresses multiple vulnerabilities. (CVE-2023-20864, CVE-2023-20865)
Introduction
Multiple vulnerabilities in VMware Aria Operations for Logs were privately reported to VMware. Updates and workarounds are available to address these vulnerabilities in affected VMware products
Response Matrix
Product
Version
Running On
Fixed Version
Workarounds
Additional Documentation
VMware Aria Operations for Logs (Operations for Logs)
VMware has announced the official renaming of all products in our cloud management family to VMware Aria.
What is VMware Aria?
A unified management solution for cloud native applications and multi-cloud.
VMware Aria, a multi-cloud management portfolio that provides a set of end-to-end solutions for managing the cost, performance, configuration, and delivery of infrastructure and applications. Expressly designed for the operational challenges of cloud-native applications and public cloud environments, VMware Aria truly delivers a wholly new perspective on multi-cloud management.
The VMware Aria Product List
Previous Name
New Name
Automation
vRealize Automation / Cloud
VMware Aria Automation
VMware Cloud Assembly
VMware Aria Automation Assembler
VMware Service Broker
VMware Aria Automation Service Broker
VMware Code Stream
VMware Aria Automation Pipelines
VMware Cloud Templates
VMware Aria Automation Templates
vRealize Orchestrator
VMware Aria Automation Orchestrator
vRealize Automation SaltStack Config
VMware Aria Automation Config
vRealize Automation SaltStack SecOps
VMware Aria Automation for Secure Hosts
CloudHealth Secure State
VMware Aria Automation for Secure Clouds
Operations
vRealize Operations / Cloud
VMware Aria Operations
vRealize Log Insight / Cloud
VMware Aria Operations for Logs
vRealize Network Insight / Cloud
VMware Aria Operations for Networks
Tanzu Observability by Wavefront
VMware Aria Operations for Applications
vRealize True Visibility Suite
VMware Aria Operations for Integrations
Cost
CloudHealth
VMware Aria Cost powered by CloudHealth
Suites
vRealize Cloud Universal
VMware Aria Universal Suite
vRealize Suite
VMware Aria Suite
vCloud Suite
VMware vCloud Suite
CloudHealth by VMware Suite
Discontinued Name
CloudHealth Partner Platform
Discontinued Name – see Aria Cost powered by CloudHealth
Platform & Cross-Cloud Services
Project Ensemble
VMware Aria Hub
New
VMware Aria Graph
vRealize Migration Manager
VMware Aria Migration
vRealize Automation Cloud Guardrails
VMware Aria Guardrails
Project Ensemble Insights
VMware Aria Business Insights
Other
Skyline
VMware Skyline
vRealize Suite Lifecycle Manager
VMware Aria Suite Lifecycle
vRealize Cloud Subscription Manager
VMware Aria Hub Subscription
vRealize AI Cloud
Discontinued Name – functionality now part of Aria Hub
Reference:
Please see the links listed below for further information about VMware Aria and the portfolio products.
In this article, we will demonstrate you how to upgrade VMware Aria Operations for Logs (formerly vRealize Log Insight) version 8.6.2 to 8.10.2 using VMware Aria Suite Lifecycle (formerly vRealize Suite Lifecycle Manager) version 8.10.0.
Prerequisite.
The VMware Aria Suite Lifecycle version must be supported in order to upgrade of VMware Aria Operations for Logs to version 8.10.2.
As suggested by the support pack, you must upgrade pack for VMware Aria Suite Lifecycle to pack 6 (alternatively you may update to the most recent support pack).
Noted: Whenever possible, we recommend upgrading the pack to the newest version.
Noted: In this article, we had upgraded VMware Aria Suite Lifecycle to 8.10.0 Pack7
We can see from the upgrade path that VMware Aria Operations for Logs 8.6.2 requires an update to 8.8.2 and subsequently to version 8.10.2. (8.6.2->8.8.2->8.10.2)
To reduce the upgrading procedure and internet connection from VMware Aria Suite Lifecycle, we downloaded 2 ISO images for VMware Aria Operations for Logs versions 8.8.2 and 8.10.2.
Step-by-Step instruction how to upgrade VMware Aria Operations for Logs
1.After downloading VMware Aria Operations for Logs iso images for versions 8.8.2 and 8.10.2. We transferred the image to the /data/temp directory of the VMware Aria Suite Lifecycle appliance. Note: VMware recommends SCP protocol to transfer the file to the appliance. Tools such as winscp can also be used to transfer the file to the appliance.
2.Login to VMware Aria Suite Lifecycle, click “Environment” and then pick “vRealize Log Insight” to verify the version.
3.Choose “Setting” then “Binary Mapping” to confirm the product appear in the Binary Mapping list.
4.Click “ADD BINARIES“.
5.Choose “Local” as the location type. Enter “/data/temp” in the base location and press “DISCOVER“.
6.The list of product binaries will show below. Tick the box next to “VMware-vRealize-Log-Insight-8.8.2-20056468.pak” and type “upgrade” and then click “ADD“.
7.You can see the status of product mapping request by “Click here“.
8.Step 4 should be repeated to include “VMware-vRealize-Log-Insight-8.10.2-21145187.pak” and enter “upgrade”.
9.There will be 2 files in binary mapping upgrade for VMware Aria Operations for Log.
10.Log in to VMware Aria Operations for Log to check the version and the status of the cluster (3 nodes’ statuses must be displayed as connected.).
11.Back to VMware Aria Suite Lifecycle and, after choosing “Environment,” click “VIEW DETAILS” in vRealize Log Insight.
12.Choose “Trigger Inventory Sync” by clicking the 3 dots.
13.Wait until the sync is complete.
14.Back to VMware Aria Suite Lifecycle and, after choosing “Environment,” click “VIEW DETAILS” in vRealize Log Insight.
15.Select “UPGRADE“.
16.Click “PROCEED“.
17.Choose version 8.8.2 from the drop down menu.
18. Click the box to take a snapshot and then click “NEXT“.
19.Click “RUN PRECHECK“.
20.Read the “PRECHECK” report to check if there are any warnings or errors (you may download the report).
21.Read the upgrade summary and then click “SUBMIT“.
22.Upgrade in progress and wait from stage 1 to stage 10.
23.Login to VMware Aria Operations for Logs to view status and version.
24.Following the completion of the upgrade from 8.6.2 to 8.8.2, the next stage will be to upgrade from 8.8.2 to 8.10.2.
25.Repeat the step 15 and proceed to choose version 8.10.2.
26.Login to VMware Aria Operations for Logs to view status and version.
Guidance and Technical Recommendations.
vRealize Log Insight provides intelligent log management for infrastructure and applications in any environment. This highly scalable log management solution delivers intuitive, actionable dashboards, sophisticated analytics, and broad third-party extensibility across physical, virtual, and cloud environments. Update to the newest version to take advantage of new features, improve security, and get support for a new product.
This article will walk you through the process of upgrading VMware vRealize Log Insight (vRLI) from 8.4.0 to 8.6.2 using VMware vRealize Suite Lifecycle Manager (vRSLCM) version 8.6.2.
The current version of VMware vRealize Login Insight is 8.4.0-17828109.
3 vRealize Login Insights clusters have been configured in the environment.
STEP – How to upgrade VMware vRealize Log Insight (vRLI) to 8.6.2 by vRSLCM 8.6.2
Check and ADD Product version
1.Login to vRealize Suite Lifecycle Manager (vRSLCM) 8.6.2.
2.Navigate to “Binary Mapping” to upgrade the file for VMware vRealize Log Insight 8.6.2.
3.Click “ADD BINARIES” to get the most recent product version that supports vRSLCM 8.6.2.
4.Select “My VMware” and then click “DISCOVER“.
5.vRSLCM will find vRealize suite products supported by vRSLCM 8.6.2 by utilizing My VMware as configured.
6.Search for VMware vRealize Log Insight product upgrade and tick the box, then click “ADD“.
7. Click to check request status
8.Waiting for the status to change to “Completed“.
Upgrade VMware vRealize Log Insight to 8.6.2
1.Navigate to the environment you wish to upgrade, click “VIEW DETAILS“.
2.The details of vRealize Log Insight will be shown in the image below.
3.Before upgrading, we must sync the vRLI system with the vRSLCM. To do so, click the 3 dots (…) and then select “Trigger Inventory Sync“.
4.Click the “SUBMIT” button.
5.You will monitor the inventory sync progress at each stage and wait until the sync is complete.
6.After the inventory sync is complete, browse to the environment where vRealize Log Insight is deployed and select “UPGRADE“.
7.If the product’s inventory is already synced, we can proceed to upgrade; otherwise, we recommend clicking trigger inventory sync before proceeding.
8.The target product version 8.6.2 will be shown; click “NEXT“.
9.Check the box to take a snapshot, then click “NEXT”.
10.Pre-check for data validations prior to execution.
11.The status of vRealize Log Insight data validations is indicated below (if status show warning, we recommend to solve the issues before proceed to upgrade). We could collect the pre-check report.
12.Before proceeding with the update, review the information below and click “SUBMIT.”
13.You will notice each stage of vRLI upgrade and wait till it is completed.
14.Upgrade completed successfully.
vRealize Log Insight version 8.6.2-19092412
Check the vRLI version in vRSLCM.
Conclusion
VMware vRealize Suite Lifecycle Manager (vRSLCM) simplifies the deployment, patching, and upgrade process by performing automatic pre-checks and validation on vRealize Suite components. Upgrading VMware vRealize Log Insight (vRLI) to the current version can assist you in resolving known issues, fixing bugs, and providing security in your environment.
