top of page
  • Brock Peterson

Aria Automation 8.16 for VMSA-2024-0001

This morning we announced VMSA-2024-001 with the following Synopsis:


VMware Aria Automation (formerly vRealize Automation) updates address a Missing Access Control vulnerability (CVE-2023-34063)


The fix is addressed in Aria Automation 8.16, which requires Aria Suite Lifecycle Manager 8.14 PSPack 4, which is now GA. Go to Lifecycle Operations - Settings - Product Support Pack - CHECK SUPPORT PACKS ONLINE and get it.



Once applied, download Aria Automation 8.16 via Lifecycle Operations - Settings - Binary Mapping - Product Binaries - ADD BINARIES and either discover via My VMware or upload them manually, I'm downloading mine from My VMware.



Once downloaded we can upgrade. Go to Lifecycle Operations - Environments - select your environment - VMware Aria Automation - UPGRADE.



Click UPGRADE and work your way through the prompts.



Upgrade to Aria Automation 8.16 complete and VMSA-2024-0001 has been addressed. If your impatient like I am and want to follow along at home you can always SSH into your Automation VM and run the following command to get updates: vracli upgrade status --follow. Thanks for the pro-tip Coz!

コメント


bottom of page