{"id":615,"date":"2021-10-01T10:38:57","date_gmt":"2021-10-01T10:38:57","guid":{"rendered":"https:\/\/robinplomp.com\/?p=615"},"modified":"2022-01-12T14:01:42","modified_gmt":"2022-01-12T14:01:42","slug":"vmware-vcenter-upgrade-test-rpm-transaction-failed","status":"publish","type":"post","link":"https:\/\/robinplomp.com\/?p=615","title":{"rendered":"VMware vCenter upgrade, Test RPM transaction failed"},"content":{"rendered":"

\"index\"<\/a>VMware has identified a security thread within vCenter. An upload vulnerability in vCenter’s Analytics service allows attackers to run arbitrary code on vulnerable servers. On a scale of 1 to 10 in terms of impact, the vulnerability, CVE-2021-22005<\/a>, is rated 9.8. “The implications of this vulnerability are serious and it will only be a matter of time, probably minutes after the announcement, before working exploits appear,” VMware said on September 21. The thread has been registered by VMware under VMSA-2021-0002<\/a>.
\n
\nTo mitigate the security issue you need to upgrade your vCenter instance to version 7.0U2d build 18455184.<\/p>\n

At a customer I am upgrading a vCenter from version 7.0.1.00100 to 7.0.2.00500. This version was released on September 16, VMware  confirms in knowledge base article 85717<\/a> that this version fixes the above mentioned issue.<\/p>\n

To install the update you need to logon to the vCenter Server Appliance Management Interface (VAMI). To access the VAMI you need to browse to https:\/\/vcenter.fqdn:5480<\/a>. In the left side menu click on Update.\"2021-09-30<\/a>The vCenter updates are cumulative so click on the latest version (in this case that is version 7.0.2.00500), and click on \u201cStage and Install”<\/em>\u201d.<\/p>\n

\"2021-09-30<\/a><\/p>\n

The update starts running.<\/p>\n

\"2021-09-30<\/a><\/p>\n

But after a couple of minutes the installation fails and the installation is stuck in an infinity loop.<\/p>\n

To break trough this loop you need to close the browser and logon to the vCenter via SSH.<\/p>\n

\"2021-09-30<\/a><\/p>\n

After you logon you enter \u201cShell<\/em>\u201d to launch the BASH (Unix) Shell. Enter to following command to delete the state file that is causing the loop.<\/p>\n

\u201crn \/etc\/applmgmt\/appliance\/software_update_state.conf<\/em>\u201d<\/p>\n

When the file is deleted you need to reboot the vCenter Appliance.<\/p>\n

\"2021-09-30<\/a><\/p>\n

After the reboot you execute the following command from the appliance shell: \u201csoftware-packages install \u2013url \u2013acceptEulas<\/em>\u201d. Next you are prompted to enter SSO password for the administrator@vsphere.local<\/a> account.<\/p>\n

\"2021-09-30<\/a><\/p>\n

After some patient waiting the message appears that the installation process was successful.<\/p>\n

\"2021-09-30<\/a><\/p>\n

When you log back into vCenter you can confirm that vCenter is now upgraded and the security thread is mitigated.<\/p>\n","protected":false},"excerpt":{"rendered":"

VMware has identified a security thread within vCenter. An upload vulnerability in vCenter’s Analytics service allows attackers to run arbitrary code on vulnerable servers. On a scale of 1 to 10 in terms of impact, the vulnerability, CVE-2021-22005, is rated 9.8. “The implications of this vulnerability are serious and it will only be a matter … Lees verder VMware vCenter upgrade, Test RPM transaction failed<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[33,22],"tags":[45,47,46],"class_list":["post-615","post","type-post","status-publish","format-standard","hentry","category-vcenter","category-vmware","tag-cve-2021-22005","tag-test-rpm-transaction-failed","tag-vmsa-2021-0002"],"_links":{"self":[{"href":"https:\/\/robinplomp.com\/index.php?rest_route=\/wp\/v2\/posts\/615","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/robinplomp.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/robinplomp.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/robinplomp.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/robinplomp.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=615"}],"version-history":[{"count":3,"href":"https:\/\/robinplomp.com\/index.php?rest_route=\/wp\/v2\/posts\/615\/revisions"}],"predecessor-version":[{"id":711,"href":"https:\/\/robinplomp.com\/index.php?rest_route=\/wp\/v2\/posts\/615\/revisions\/711"}],"wp:attachment":[{"href":"https:\/\/robinplomp.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=615"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/robinplomp.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=615"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/robinplomp.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=615"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}