VMware Patches vRealize Log Insight Vulnerabilities
There are a lot of software components to the VMware infrastructure. Kinda like SolarWinds, VMware has a high market share in data centers, and those VMware software components are installed with access at the heart of business networks. This means VMware is an obvious high leverage/high priority target for very sophisticated attackers, just as Solar Winds was. This particular log management software vulnerability by itself may not rate as top priority but use VMware’s CVSS score of 9.8 to drive a check on patch levels on all VMware installs.
The VMware vRealize issue is yet another string of issues plaguing VMWare. While it may not be as popular as vCenter, it is considered core infrastructure in many companies. Most of these items stay unpatched for years. Patch your VMware kit. When doing Red Team assessments on internal networks, we often find ways into VMware backends as they are often unpatched.
Deploy the updated version of vRealize Log Insight. Yes, there is a workaround, and it makes tasks like adding nodes to clusters more manual. Read and understand the entire workaround before moving forward, which will likely take more time than patching.