VMware NSX

 View Only
  • 1.  CVE-2021-44228; KB 87099 - check gives strange result

    Posted Dec 15, 2021 11:54 AM

    I applied the Work Around on two NSX-v managers (version 6.4.6.14819921)

    After the reboot on the first manager I get no output from the curl command on a first run but the second run I get the below output. On the second manager I get the below output on the first run of the curl command.

    {"errorCode":210,"details":"Another object with same name : ${jndi:ldap://127.0.0.1/e} already exists in the current scope : globalroot-0.","rootCauseString":null,"moduleName":"core-services","errorData":null}[

    I had no errors warnings or what so ever applying the Workaround.



  • 2.  RE: CVE-2021-44228; KB 87099 - check gives strange result

    Posted Dec 17, 2021 02:18 PM

    Same here, although on the first run the curl command returned a securitygroup-id number



  • 3.  RE: CVE-2021-44228; KB 87099 - check gives strange result

    Posted Dec 17, 2021 05:14 PM

    I am still trying to understand, do we really needs apply this patch/workaround or is there any upgradation has to be done. I am sure VMware will come very soon with newer version to be upgrade for NSX manger. 

     



  • 4.  RE: CVE-2021-44228; KB 87099 - check gives strange result

    Posted Dec 17, 2021 07:53 PM

    I won't say you 'have to' apply the given workaround and sure VMware will soon release a patch or update. The choice is yours.
    But in my opinion, it is always better to apply a given workaround to your vulnerable system then wait for a patch/update. 



  • 5.  RE: CVE-2021-44228; KB 87099 - check gives strange result

    Posted Dec 18, 2021 11:29 PM

    same issue here...