By Lerpong Intaraworrapath | March 7th, 2023
VMware issued a security alert for VMware vRealize Operations (vROps) due to the VMSA-2022-0034 severity. According to the advisory, VMware vRealize Operations (vROps) updates address privilege escalation vulnerabilities (CVE-2022-31707, CVE-2022-31708).
Solution
To remediate CVE-2022-31707 apply the fixes listed in the ‘Fixed Version’ column of the ‘Response Matrix’ below.
Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
VMware vRealize Operations (vROps) | 8.10 | Any | CVE-2022-31707, CVE-2022-31708 | 4.4, 7.2 | Important | 8.10.1 | N/A | N/A |
VMware vRealize Operations (vROps) | 8.6.x | Any | CVE-2022-31707, CVE-2022-31708 | 4.4, 7.2 | Important | KB90232 | N/A | N/A |
In this article, we will demonstrate how to apply patching from KB90232 in VMware vRealize Operations version 8.6.4.
Important: Take snapshots of each of the vRealize Operations nodes before applying the Hot Fix by following How to take a Snapshot of vRealize Operations.
Step-by-Step Instructions for Applying a Patch
1.Take a snapshot of the vROps node to which we want to apply the patch (How to take a Snapshot of vRealize Operations.).
2.Download the vRealize Operations 8.6 Hot Fix 8 PAK file from the VMware Patch Portal.
https://customerconnect.vmware.com/group/vmware/patch#search
3.You will proceed to the “Product Patches” page.
4.Choose the product and version, then press the “Search” button.
Product: vRealize Operations Manager
Version: 8.6
5.The “vROps-8.6-HF8” will be shown. Verify and validate the KB90232 patch file, then click “DOWNLOAD NOW.”.
6.Once the file download and snapshot have been completed, Log in to the vRealize Operations Manager administration interface
https://master-node-name-or-ip-address/admin.
7.Click “Software Update“.
8.Click “Install a Software Update“.
9.Go through the pack file you already downloaded.
10.Click “UPLOAD” after you’ve browsed the pack file.
11.The pack file had been uploaded. Click “NEXT”.
12.To accept the EULA, tick the box, then click “NEXT“.
13.After reading the release notes, click “NEXT”.
14.To install software, Click “INSTALL”.
15.The Administrator interface logs you out. Return to the primary node Administrator interface. In the left side, click Software Update. The update patch status will be shown.
16.Waiting for the pack to be installed.
17.Refresh the page. The cluster status is changed to Online.
18.Once the upgrade is finished, delete the snapshots you took prior to the software update.
Guidance and Technical Recommendations.
VMware security advisory with critical security severity for VMware vRealize Operations was released. A major vulnerability was discovered in VMware vRealize Operations. Using administrator rights in the vROps application, a malicious actor can get root access to the underlying operating system. We advise applying the patch or upgrading to the patched version to preventing a malicious attacker from accessing critical information in the vROps.