Posted by As many of you are aware VMware recently came out with a CVE: CVE-2020-3952 that requires taking your existing VMWare vCenter to 6.7 U3f or 7.0. Since going from 6.7 to 7.0 requires a re-deploy of the vCenter I thought doing an in place upgrade would be the quickest way to fix this security vulnerability. Below you will find my step by step I followed to upgrade my vCenters.
My article explaining CVE-2020-3952:
Please Remember:
Go to the following URL to confirm version number you need for 6.7 U3f
https://docs.vmware.com/en/VMware-vSphere/6.7/rn/vsphere-vcenter-server-67u3f-release-notes.html
https://kb.vmware.com/s/article/2143838
Go to the following URL to confirm all other products are compatible with U3:
Once you confirm you won’t break anything with the above URLs I recommend any of the three ways below to backup your vCenter. Personally, I know it is overkill but I perform all three because you can never be too cautious.
- Backup
- Clone the vCenter VCSA
- Snapshot
Step by Step Process
Step 1. Log into the VAMI
Log into the browser of your choice and type: https://FQDNorIPofvCenter:5480
Log in as root
Step 2. Pre-checks
Go to Update > 6.7.0.43000 which was released on Apr 8, 2020 > click RUN PRE-UPDATE CHECKS
If passed move onto step 3.
Step 3. STAGE AND INSTALL
You can stage only to stage the code and upgrade later or you can click stage and install and begin the upgrade.
At 70% the console will go blank and a refresh will bring you back to the screen and continue with it’s status update.
hit refresh and it should take you back to theupdate section
From the VAAMI you can see we are at the desired code level
You can verify real quick in the about section that you are at the right version level by going to the vCenter at the top of the screen and looking at version information.
Summary:
As you can see in-place upgrades are relatively easy to do. I hope everyone has non-disruptive upgrades and everything goes smoothly. As always, I hope this article was helpful.
2 comments