VMware Carbon Black Cloud Workload 1.1.2 | 17 DEC 2021 Check for additions and updates to these release notes. |
VMware Carbon Black Cloud Workload is a data center security product that protects your workloads running in a virtualized environment. It provides an ability to ensure workloads have built-in protection making security intrinsic to the virtualized environment. It includes core capabilities such as agent-less delivery, inventory, lifecycle management, vulnerability assessment, and remediation. It also includes endpoint protection capabilities such as next-gen antivirus, real-time threat hunting and endpoint detect and response.For more information, see:
The VMware Carbon Black Cloud Workload appliance 1.1.2 security patch release addresses the CVE-2021-45046 and CVE-2021-44228, Security Advisory (VMSA-2021-0028).
Prerequisites for the upgrade:
Trigger upgrade:
Carbon Black Cloud Workload appliance with version 1.1.1 or 1.1.0 | Carbon Black Cloud Workload appliance with version 1.0.2 | Carbon Black Cloud Workload appliance with version 1.0.1 |
---|---|---|
|
|
Please refer to Upgrade Appliance To 1.0.2. |
Carbon Black Cloud console displays unreachable appliance as eligible
On the Carbon Black Cloud console, from the Inventory > Workloads > Not Enabled tab, you can filter VMs based on the Eligibility status. Some eligible VMs are listed with a note 'Not eligible. Unreachable appliance' if the on-premise appliance is unable to communicate with the Carbon Black Cloud. Even though the appliance is unreachable, the Carbon Black Cloud console displays the unreachable appliance under the Eligible filter.
Workaround: None
Carbon Black Cloud Workload appliance might show with outdated Last Checkin time
The Carbon Black Cloud Workload appliance status visible on the Settings > API Access page from the Carbon Black Cloud console might report with an outdated Last Checkin time.
Workaround: None
Appliance reboot generates certificates even if old ones exist
After an upgrade or install of a Carbon Black Cloud Workload appliance, reboot of the appliance causes the generation of new certificates even if such already exist. As a result, the vCenter Server detects a mismatch in the thumbprint and causes the Carbon Black Cloud Workload plug-in to stop working.
Workaround: After the upgrade is complete, check the Carbon Black Cloud Workload plug-in. If the plug-in version is still on its previous version, or shows either of the errors:
no healthy upstream
503 service unavailable
follow this KB to resolve the issue.