A requirement arose to patch my vRealise Log Insight manager 4.6.0 to 4 .6 1 based on Advisory ID: VMSA-2018-0028 so as it’s an pretty easy task I have upgraded to 4.7.1 instead.
Advisory ID: VMSA-2018-0028
Severity: Moderate
Synopsis: VMware vRealize Log Insight updates address an authorization bypass vulnerability
Issue date: 2018-11-13
Updated on: 2018-11-13 (Initial Advisory)
CVE number: CVE-2018-6980
VMware guide here: https://docs.vmware.com/en/vRealize-Log-Insight/4.7/com.vmware.log-insight.administration.doc/GUID-A6CAC5D7-7BE0-4F62-8A03-80F6C3327E8A.html
https://docs.vmware.com/en/vRealize-Log-Insight/4.7/com.vmware.log-insight.administration.doc/GUID-A6CAC5D7-7BE0-4F62-8A03-80F6C3327E8A.html
Prerequisites
- Verify that you are applying the 4.7 upgrade to version 4.6.x . For more information about supported upgrade paths, see vRealize Log Insight Upgrade Path.
- Create a snapshot or backup copy of the vRealize Log Insight virtual appliance.
- Obtain a copy of the vRealize Log Insight upgrade bundle .pak file for the release you are upgrading to.
- Verify that you are logged in to the vRealize Log Insight web user interface as a user with the Edit Admin permission. The URL format is https://log-insight-host, where log-insight-host is the IP address or host name of the vRealize Log Insight virtual appliance.
- Make a note of any nodes you are upgrading that are in maintenance mode. When the upgrade is finished, you must move them from the state Connected to Maintenance mode.
Procedure
Take a snapshot, pre that I had to check I had enough storage on the allocated datastore and I did not therefore I storage vmotioned to another datastore before taking the snapshot.
- Click the configuration drop-down menu icon and select Administration.
- Under Management, click Cluster.
- Click Upgrade from PAK to upload the .pak file.
- Accept the new EULA to complete the upgrade procedure.
Download the upgrade .pak file from the VMware website downloads page.
VMware-vRealize-Log-Insight-4.7.1-10752772.pak
Agents are set to auto update, so that’s covered.
Log in and check all is ok then Delete snapshot.