Patching time! VMware released an update for vCenter Server and ESXi -> 7.0 Update 3f.

vCenter server:

NOTE: If your source system contains hosts of versions between ESXi 7.0 Update 2 and Update 3c, and Intel drivers, before upgrading to vCenter Server 7.0 Update 3f, see the What’s New section of the VMware vCenter Server 7.0 Update 3c Release Notes, because all content in the section is also applicable for vSphere 7.0 Update 3f. Also, see the related VMware knowledge base articles: 8644787258, and 87308

Download FilenameVMware-vCenter-Server-Appliance-
Download Size6579.7 MB

To download this patch, after you log in to VMware Customer Connect, select VC from the Select a Product drop-down menu and select 7.0.3 from the Select a Version drop-down menu.

  1. Attach the VMware-vCenter-Server-Appliance-​ file to the vCenter Server CD or DVD drive.
  2. Log in to the appliance shell as a user with super administrative privileges (for example, root) and run the following commands:
    • To stage the ISO:
      software-packages stage --iso
    • To see the staged content:
      software-packages list --staged
    • To install the staged rpms:
      software-packages install --staged

Security issues:

  • vCenter Server 7.0 Update 3f provides the following security updates:
    • cURL is updated to version 7.82.
    •  The Jackson package is updated to version 2.13.2 and jackson-databind to version
    • The Oracle (Sun) JRE package is updated to version 1.8.0_311.
    • The Apache Tomcat server is updated to versions 8.5.78/9.0.62.
    • The OpenSSL library is updated to versions 1.0.2ze/1.1.1o.
    • The SQLite database is updated to version
    • Apache log4j is updated to version 2.17.1.
    • Apache Struts is updated to version 2.5.30.
    • The Spring library is updated to versions 5.2.20/5.3.18.
    • Eclipse Jetty is updated to version 9.4.46.v20220331.
    • The XStream library is updated to version 1.4.19.
    • The Expat XML parser is updated to version 2.4.7.
    • The Struts2 Core framework is updated to version 2.5.30.
    • The libxml2 library is updated to version 2.9.13.
  • This release resolves CVE-2022-22982. For more information on this vulnerability and its impact on VMware products, see VMSA-2022-0018.
  • This release resolves CVE-2021-22048. For more information on this vulnerability and its impact on VMware products, see VMSA-2021-0025.
  • Increased scalability of VMware HCI Mesh: With vCenter Server 7.0 Update 3f, a vSAN cluster can serve its local datastore to up to ten client vSAN clusters.
  • Enhanced vSphere Client components: vCenter Server 7.0 Update 3f fixes important usability issues in the vSphere Client Inventory, Data Grid, Related Objects, and Global Inventory Lists components. The usability enhancements include:
    • setting item height to 25px in the Inventory tree to make the tree more compact
    • removing excessive margins from the Action menu
    • improved right-click selection for Data Grid
    • better handling of selected items in the Related Objects and Global Inventory Lists tabs
    • customizable page size, from 35 to 200 items, in Related Object lists. 
  • For VMware vSphere with Tanzu updates, see VMware vSphere with Tanzu Release Notes.
  • For Photon OS updates, see VMware vCenter Server Appliance Photon OS Security Patches.


  • ESXi 7.0 Update 3f supports vSphere Quick Boot on the following servers:
    • Cisco Systems Inc:
      • UCSC-C220-M6N
      • UCSC-C225-M6N
      • UCSC-C240-M6L
      • UCSC-C240-M6N
      • UCSC-C240-M6SN
      • UCSC-C240-M6SX
    • Dell Inc:
      • PowerEdge XR11
      • PowerEdge XR12
      • PowerEdge XE8545
    • HPE:
      • Edgeline e920
      • Edgeline e920d
      • Edgeline e920t
      • ProLiant DL20 Gen10 Plus
      • ProLiant DL110 Gen10 Plus
      • ProLiant ML30 Gen10 Plus
    • Lenovo:
      • ThinkSystem SR 860 V2

his release resolves CVE-2022-23816, CVE-2022-23825, CVE-2022-28693, and CVE-2022-29901. For more information on these vulnerabilities and their impact on VMware products, see VMSA-2022-0020.

Download Filename:VMware-ESXi-7.0U3f-20036589-depot
Download Size:575.2 MB
Host Reboot Required:Yes
Virtual Machine Migration or Shutdown Required:Yes
ESXi Component – core ESXi VIBsESXi_7.0.3-0.50.20036589BugfixCritical
ESXi Install/Upgrade Componentesx-update_7.0.3-0.50.20036589BugfixCritical
Broadcom NetXtreme-E Network and ROCE/RDMA Drivers for VMware ESXiBroadcom-bnxt-Net-RoCE_216.0.0.0-1vmw.703.0.50.20036589BugfixCritical
Network driver for Intel(R) E810 AdaptersIntel-icen_1.4.1.20-1vmw.703.0.50.20036589BugfixCritical
Network driver for Intel(R) X722 and E810 based RDMA AdaptersIntel-irdman_1.3.1.22-1vmw.703.0.50.20036589BugfixCritical
VMware Native iSER DriverVMware-iser_1.1.0.1-1vmw.703.0.50.20036589BugfixCritical
Broadcom Emulex Connectivity Division lpfc driver for FC adaptersBroadcom-ELX-lpfc_14.0.169.26-5vmw.703.0.50.20036589BugfixCritical
LSI NATIVE DRIVERS LSU Management PluginBroadcom-lsiv2-drivers-plugin_1.0.0-12vmw.703.0.50.20036589BugfixCritical
Networking Driver for Intel PRO/1000 Family AdaptersIntel-ne1000_0.9.0-1vmw.703.0.50.20036589BugfixCritical
USB DriverVMware-vmkusb_0.1-7vmw.703.0.50.20036589BugfixCritical
ESXi Component – core ESXi VIBsESXi_7.0.3-0.45.20036586SecurityCritical
ESXi Install/Upgrade Componentesx-update_7.0.3-0.45.20036586SecurityCritical


Please like and share to spread the knowledge in the community.


If you want to chat with me please use Twitter: @AngrySysOps

Join my  VMware Knowledge Base Group:

Visit my FB page:

Subscribe to my channel :

VMware EMEA store: Buy VMware Workstation PRO! Offer!

VMware US store: Buy VMware Workstation PRO! Offer!

VMware APAC store: Buy VMware Workstation PRO! Offer!

Please leave the comment