FAQ
Q: Who or what is exposed to this vulnerability?
A: All customers running an impacted version of vRealize Operations.
Q: How do I determine if an installation is vulnerable?
A: Any deployment of vRealize Operations build prior to the Fixed Version (
VMSA-2021-0004) is affected.
vRealize Operations releases after 8.3 will not be impacted by this vulnerability.
Q: What do I need to do to eliminate this vulnerability?
A: VMware recommends that customers on an affected release of vRealize Operations update to the corresponding fixed version in
VMSA-2021-0004.
Q: I don't want to or can't patch/upgrade. Are there other options to remediate?
A: Yes, the corresponding KB article details workaround instructions. For greater detail, see the corresponding KB articles linked below or in
VMSA-2021-0004.
Q: What is the impact of implementing the workaround ?
A: There is no impact. No functionality will be affected by modifying the XML file as detailed in the KB articles.
Q: Are EoGS versions such as vRealize Operations 6.7 impacted?
A. We cannot publish information on EoS product lines.