VMware Carbon Black Cloud Workload 1.1.2 | 17 DEC 2021

Check for additions and updates to these release notes.

Overview

VMware Carbon Black Cloud Workload is a data center security product that protects your workloads running in a virtualized environment. It provides an ability to ensure workloads have built-in protection making security intrinsic to the virtualized environment. It includes core capabilities such as agent-less delivery, inventory, lifecycle management, vulnerability assessment, and remediation. It also includes endpoint protection capabilities such as next-gen antivirus, real-time threat hunting and endpoint detect and response.For more information, see:

What's New

The VMware Carbon Black Cloud Workload appliance 1.1.2 security patch release addresses the CVE-2021-45046 and CVE-2021-44228, Security Advisory (VMSA-2021-0028).

Upgrade Instructions

Prerequisites for the upgrade:

  1. Make sure the Carbon Black Cloud Workload appliance root password is not expired.
    1. Launch the Web console for the appliance.
    2. Log in as root and change the password when prompted.
  2. Log in to the Carbon Black Cloud console and add Appliance Details Read permission in your custom Access Level.

Trigger upgrade:

  • When Carbon Black Cloud Workload appliance is active.
Carbon Black Cloud Workload appliance with version 1.1.1 or 1.1.0 Carbon Black Cloud Workload appliance with version 1.0.2 Carbon Black Cloud Workload appliance with version 1.0.1
  1. Log in to the Carbon Black Cloud Workload appliance.
  2. Navigate to the Appliance > Upgrade page.
  3. Click the Upgrade Now button.
  1. Log in to the Carbon Black Cloud Workload appliance.
  2. Navigate to the Appliance > Upgrade page.
  3. Change the upgrade schedule time to upgrade immediately.

    UTC is the default timezone used for all date time fields.

Please refer to Upgrade Appliance To 1.0.2.
  • When Carbon Black Cloud Workload appliance is not booting up, follow this KB to resolve the issue.
  • If the Registration page, part of the Carbon Black Cloud appliance console, shows the cloud registration with a red alert icon, use the Configure a Firewall document to check the configuration.
    • If the configuration is correct and you still see a red alert icon, perform a Carbon Black Cloud registration.
    • If the configuration is incorrect, modify it to establish a cloud connectivity. Then, refer to the table above to upgrade the active Carbon Black Cloud Workload appliance.

Known Issues

  • Carbon Black Cloud console displays unreachable appliance as eligible

    On the Carbon Black Cloud console, from the Inventory > Workloads > Not Enabled tab, you can filter VMs based on the Eligibility status. Some eligible VMs are listed with a note 'Not eligible. Unreachable appliance' if the on-premise appliance is unable to communicate with the Carbon Black Cloud. Even though the appliance is unreachable, the Carbon Black Cloud console displays the unreachable appliance under the Eligible filter.

    Workaround: None

  • Carbon Black Cloud Workload appliance might show with outdated Last Checkin time

    The Carbon Black Cloud Workload appliance status visible on the Settings > API Access page from the Carbon Black Cloud console might report with an outdated Last Checkin time.

    Workaround: None

  • Appliance reboot generates certificates even if old ones exist

    After an upgrade or install of a Carbon Black Cloud Workload appliance, reboot of the appliance causes the generation of new certificates even if such already exist. As a result, the vCenter Server detects a mismatch in the thumbprint and causes the Carbon Black Cloud Workload plug-in to stop working.

    Workaround: After the upgrade is complete, check the Carbon Black Cloud Workload plug-in. If the plug-in version is still on its previous version, or shows either of the errors:

    • no healthy upstream
    • 503 service unavailable

    follow this KB to resolve the issue.

check-circle-line exclamation-circle-line close-line
Scroll to top icon