As an vCenter Server administrator, you always want to minimize the emergency downtime. You can now monitor all data center vulnerabilities from the AppDefense plug-in. You can locate vulnerabilities using AppDefense and align the scheduled downtime with vulnerability patches or updates. So, with the help of AppDefense, you can proactively minimize the risk of an emergency downtime. To enable the vulnerability assessment feature, you should have AppDefense Service (SaaS) subscription and the AppDefense Appliance must be connected to AppDefense Service (SaaS). Vulnerability feature is supported from AppDefense Appliance version 126.96.36.199 or later.
AppDefense looks into data center vulnerabilities related to:
- vCenter Server and ESXi hosts. To view VMware products vulnerabilities, AppDefense Appliance must have version 188.8.131.52 or later.
Note: vCenter Server and ESXi related vulnerabilities are not available from version 2.3.2.
- Operating System (OS) of virtual machine. To view OS vulnerabilities, AppDefense Guest Module and AppDefense Host Module must have version 184.108.40.206 or later.
- Applications installed on the virtual machine. To view application vulnerabilities, AppDefense Guest Module and AppDefense Host Module must have version 220.127.116.11 or later.
AppDefense assesses vulnerabilities for:
- VMware Products: vCenter Server and ESXi. VMware publishes a security advisory for every vulnerability found in VMware products with the patch information. Each vulnerability contains information like product affected, version, whether any patch is available, workarounds, and also contains attack vectors and CVSS score. With AppDefense, you can now find the vulnerability information related to vCenter Server and ESXi hosts on the AppDefense plug-in dashboard.
- Windows Operating Systems: For Windows OS, AppDefense looks for OS details and the security patches applied on each VM. When some of security patches associated with a vulnerability are not applied, the VM is flagged as vulnerable.
- Linux Operating Systems: For Linux OS, AppDefense looks for OS details with the list of all installed packages. AppDefense determines the vulnerable packages installed on the VM and reports the CVEs against those packages.
AppDefense Plug-in Dashboard
You can view Vulnerabilities on the AppDefense plug-in dashboard Summary tab.
- In the left navigation pane, click the AppDefense icon.
- On the AppDefense plug-in dashboard Summary tab, go to the Vulnerabilities widget. Only critical vulnerabilities are listed and categorized based on the vulnerable asset.
To go to the list of all vulnerabilities available on the Vulnerabilities tab, click View All. Only the VMs that have version 18.104.22.168 or later, are considered in the Assets Monitored count.