Additional step for vCenter Server CVE-2021-44228 and CVE-2021-45046 workaround.

VMware just updated their KB adding additional step which needs to be run even if someone already did apply workaround. This additional step is to remove all JndiLookup classes per Apache Software Foundation guidance.

This step has been automated by script

NOTE: If you have already completed the steps in this article or used the original script in KB 87088, you must still run the script on your previously remediated vCenter

NOTE: You MUST also run the script after using this python script to fully remediate a vCenter Server or PSC


  1. Take a backup of your vCenter.
  2. Download the script NOTE: This is official VMware script and link is directing to VMware repo.
  3. Login to the vCSA using an SSH Client (using Putty.exe or any similar SSH Client)
  4. Transfer the file to /tmp folder on vCenter Server Appliance using WinSCP

NOTE: Note: It’s necessary to enable the bash shell before WinSCP will work

  1. Go to /tmp forlder
  2. Run this command to execute script:

NOTE: The script will stop all vCenter services, proceed with removing the JndiLookup.class from all jar files on the appliance and finally start all vCenter services. The files that the script modifies will be reported as “VULNERABLE FILE” as the script runs

Please like and share to spread the knowledge in the community.

If you want to chat with me please use Twitter: @AngrySysOps

Visit my FB page:

Read my blog:

Subscribe to my channel :

Please leave the comment