What's in the Release Notes

• Overview
• What's New
• Resolved Issues
• Known Issues

Overview

VMware Carbon Black Cloud Workload is a data center security product that protects your workloads running in a virtualized environment. It provides an ability to ensure workloads have built-in protection making security intrinsic to the virtualized environment. It includes core capabilities such as agent-less delivery, inventory, lifecycle management and vulnerability assessment. It also includes endpoint protection capabilities such as next-gen antivirus, real-time threat hunting and endpoint detect and response.

For more information, see:

• VMware Carbon Black Cloud Workload Product Page
• VMware Carbon Black Cloud Workload Documentation Center
• Carbon Black Cloud Console Release Notes

Prior to the Carbon Black Cloud Workload, VMs were treated as Endpoints. We recommend updating the Carbon Black sensor to the latest sensor version prior to enabling the Carbon Black Cloud Workload. These sensors can also be upgraded after the Carbon Black Cloud Workload is enabled. 

What's New

The VMware Carbon Black Cloud Workload appliance 1.0.2 is a maintenance release containing security updates and improvements based on customer feedback.

Security Advisory (VMSA-2021-0005)

The VMware Carbon Black Cloud Workload appliance 1.0.2 update addresses a security vulnerability where a URL on the administrative interface can be manipulated to bypass authentication. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2021-21982 to this issue. For more information, see VMware Security Advisory VMSA-2021-0005. We strongly recommend that you upgrade as soon as possible.

Enabling Auto-Upgrade

The resolution for CWP-5335 (auto-upgrade failing) requires that you perform some extra installation steps that are documented here.  As part of your upgrade, please follow these instructions carefully as this fix will re-enable automatic upgrades for your appliance for any future releases. 

Proxy support

With the 1.0.2 release, we've added support for the Carbon Black Cloud Workload appliance to communicate through a network proxy. For more details, see Configuring Proxy Server.

VMC on AWS support

The 1.0.2 appliance was designed to work within the restricted administrative persona of the VMC offering. If you wish to deploy Carbon Black Cloud Workload on VMC, please contact your Carbon Black account team for licensing and deployment details. 

Resolved Issues

• CWP-5634:  

  After loading the Carbon Black Cloud Workload Plug-in, the vCenter Server UI session gets immediately timed out.

  This issue occurs intermittently. The issue is resolved in 1.0.2.

• CWP-5335:

  A few Appliance instances failed automatic upgrade to version 1.0.1.

  This issue is resolved in 1.0.2.

• CWP-5324: 

  After successful appliance registration with vCenter and Carbon Black Cloud, changing the Org results in errors. If a customer is registered in Org-X, then switches to another Org (Org-Y), then the inventory will continue to flow only to the old Org (Org-X).  The inventory does not appear on Org-Y and appliance logs are filled with multiple errors.
  vsphere-worker service restart was required to resolve the issue.

  This issue has been fixed in current release (1.0.2). Now after changing org inventory will flow to new org and no error will be seen in appliance logs. 

  This issue is resolved in 1.0.2.

Known Issues

The known issues are grouped as follows.

• Carbon Black Cloud Workload Plug-in
• Carbon Black Cloud Console
• Upgrade

• New CWP-7102:

  When the IP address of the appliance's Proxy Server contains 0 at second and third positions, the Invalid Proxy Server error message displays in the UI. This is due to an extra check in the regular expression of the UX validation.

  Workaround: See the Knowledge Base article for details.

• CWP-3771:

  Complex passwords with the ampersand "&" as a special character are not supported when deploying the Carbon Black Cloud Workload appliance directly from the ESXi Host (not using the vCenter OVF deployment workflow).

  Workaround: You can install with a simpler password without any special characters and then later change the password as per your choice.

• CWP-3030:

  The Export button on the Asset View within the Vulnerability dashboard may not work for vCenter Server 6.7 and 7.0 due to a known vCenter Server issue. The external documentation links are also blocked. 

  Workaround: The issue is fixed in 7.0 U1 or later versions. Please upgrade to vCenter version 7.0 U1 or later.

• CWP-4534:

  Static DNS IP address of the Carbon Black Cloud Workload appliance reverts back to default after appliance reboot.

  Workaround: See the Knowledge Base article for details.

• CWP-6044:

  If vCenter becomes unreachable for some time for any reason, you might get a connection error on the Workload Plugin or Applaince. Once the connection with the vCenter is reestablished,  the error is not seen on the UI.

  This issue is intermittent and resolves automatically after a successful connection.

• CWP-3591:

  The Appliance status visible on the Settings > API Access page from the Carbon Black Cloud console may report an outdated Last Checkin time.

• CWP-3973:

  On the Carbon Black Cloud console, from the Inventory > Workloads > Not Enabled tab, you can filter VMs based on the Eligibility status. Some eligible VMs can be listed with a note 'Not eligible. Unreachable appliance' if the on-premise appliance is unable to communicate with the Carbon Black Cloud. Even though the appliance is unreachable, the Carbon Black Cloud console displays the unreachable appliance under the Eligible filter.

• CWP-5335:

  Auto-upgrade for 1.0.2 appliance requires the execution of a script.

  Workaround: Please follow these steps to execute the script.  After the script is successfully executed, your appliance will be upgraded as per the automatic upgrade schedule. 

  You can view the updated version or the build number on the appliance dashboard.