VMware Site Recovery Manager is getting patch to resolve CVE-2021-44228 and CVE-2021-45046.

VMware just published a patch for SRM 8.5.0.2 where Apache log4j is updated to version 2.16 to resolve CVE-2021-44228 and CVE-2021-45046.

If you are running Site Recovery Manager 8.5, upgrade to Site Recovery Manager 8.5.0.2. See Upgrading Site Recovery Manager in Site Recovery Manager 8.5 Installation and Configuration for instructions about upgrading Site Recovery Manager.

If you use vSphere Replication with Site Recovery Manager 8.5, upgrade the vSphere Replication appliance to version 8.5.0.2. See the vSphere Replication 8.5.0.2 Release Notes for information about vSphere Replication 8.5.0.2.

VMware Site Recovery Manager 8.5.0.2 Virtual Appliance | 17 DEC 2021 | Build 19066895 | Download

VMware Site Recovery Manager 8.5.0.2 Configuration Import/Export Tool  | 17 DEC 2021 | Build 19066897 | Download

RUN LIST:

  1. Download ISO from VMware website.
  2. Attache ISO to SRM appliance.
  3. Log in to the Site Recovery Manager Appliance Management Interface as admin.
  4. Click Update.
  5. Edit option to update from ISO.
  1. In the Available updates pane, click Install.
  2. Accept the end-user license agreement, and click Install.

NOTE: After the update is complete, the appliance restarts.

  1. Refresh the browser window to reload the Site Recovery Manager Appliance Management Interface.
  2. Log in to the Site Recovery Manager Appliance Management Interface as admin.
  3. Click Reconfigure
  4. Follow the prompts, provide the required information, and click Finish.

Source: https://docs.vmware.com/en/Site-Recovery-Manager/8.5/rn/srm-releasenotes-8-5-0-2.html#upgrading

Please like and share to spread the knowledge in the community.

If you want to chat with me please use Twitter: @AngrySysOps

Visit my FB page: https://www.facebook.com/AngrySysOps

Read my blog: https://angrysysops.com

Subscribe to my channel : https://www.youtube.com/channel/UCRTcKGl0neismSRpDMK_M4A

Please leave the comment