Daniel Micanek virtual Blog – Like normal Dan, but virtual.
In some older releases of vSAN there is an issue where if applications are using AVX-512 CPU instructions data corruption can occur. This was first reported by customers using DB2 but can occur with other applications as well. Here is the KB describing the problem: […]
Zabbix is an open-source monitoring tool designed to oversee various components of IT infrastructure, including networks, servers, virtual machines, and cloud services. In this post, I will show you how setup Zabbix monitoring with VMware vSpehre infrastructure.
With the Cisco UCS 4.3(5a) release, Cisco addresses multiple critical security vulnerabilities impacting UCS Manager, Fabric Interconnects, and compute nodes. These updates are essential for maintaining secure infrastructure as they address several vulnerabilities within third-party software dependencies. Here’s a rundown of the significant security fixes provided in this release.
Cisco UCS Manager now includes critical fixes for three vulnerabilities related to OpenSSL, which, if exploited, could impact cryptographic functions, certificate parsing, and script handling. Here’s a closer look at each vulnerability:
c_rehash script could allow attackers to inject commands through improperly sanitized shell metacharacters. This script, now considered obsolete, is replaced by OpenSSL’s rehash command-line tool, which Cisco has now included to remove this potential risk.Cisco UCS 6400 and 6500 Series Fabric Interconnects, when operated in UCS Manager mode, were vulnerable to a security regression in the OpenSSH server (sshd). This flaw, stemming from an older race condition vulnerability (CVE-2006-5051), could allow unauthenticated attackers to exploit the sshd signal handling.
Cisco’s Solution: Cisco has patched OpenSSH within the UCS software stack, reinforcing the security of SSH operations in Fabric Interconnects to eliminate this race condition vulnerability.
The UCS B-Series Blade Servers and X-Series Compute Nodes were also affected by the same OpenSSH race condition issue. This vulnerability could impact serial-over-LAN connections, which are essential for remote console access.
Cisco’s Solution: The update fixes this vulnerability by integrating the latest OpenSSH patch, safeguarding remote management sessions on UCS blade servers and compute nodes.
This vulnerability in libexpat could lead to a denial of service (DoS) attack due to resource-intensive parsing of large tokens. Cisco UCS Manager, which relies on libexpat for XML parsing, could be affected in scenarios that involve extensive parsing requirements.
Cisco’s Solution: The upgraded libexpat version now included in UCS Manager resolves this DoS vulnerability, ensuring that XML parsing operations are resilient against such resource exhaustion attacks.
Cisco’s Unified Computing System (UCS) continues to innovate in providing a powerful platform for data center infrastructure, but even with frequent updates, occasional bugs arise. In the recent Cisco UCS release 4.3(4a), a notable issue surfaced with the deployment of the Cisco UCSX-9508 chassis, leading to a power status error in the Cisco UCS Manager (UCSM) interface.
This issue, identified as BUG CSCwj01478, involves PSU view displays Power: Error and Input Source: Unknown in UCSM that do not reflect the actual physical status of the hardware.
Users deploying the Cisco UCSX-9508 chassis, integrated with Cisco UCS 6454 Fabric Interconnects (FI) and the Cisco UCS 9108 25G Intelligent Fabric Module (IFM), may encounter the following symptoms:
While these symptoms do not affect the physical functionality of the power supply, the discrepancy in UCSM’s display can complicate administrative monitoring and fault management workflows.
Summary: As a personal workaround, I set the FAN policy to MAX, which temporarily resolved the issue. However, the release of 4.3(4a) has now provided an official solution.
The general guidance and quickest way to recover an ESXi host if you have forgotten or lost the root password is to reset using vSphere Host Profiles if it was managed by vCenter Server or simply reinstall ESXi which would allow you to preserve the existing VMFS volumes along with any workloads [..]
VMware has announced that the security patches released on September 17, 2024, intended to address CVE-2024-38812, did not fully mitigate the vulnerability. As a result, all customers are strongly advised to update to the latest version, 8.0 U3d, immediately. Patches for the 8.0 U2 line are also available to address this issue.
This urgent advisory applies to all vCenter Server users, as the newly identified vulnerabilities pose a significant security risk. Notably, two critical vulnerabilities were reported in vCenter Server, including a heap-overflow vulnerability and a privilege escalation vulnerability. These have been responsibly reported to VMware, which has now provided updates to address them.
A critical heap-overflow vulnerability was discovered in vCenter Server, specifically in its implementation of the DCERPC protocol. The issue has been assigned CVE-2024-38812 and carries a CVSSv3 base score of 9.8, placing it in the Critical severity range.
This vulnerability can be exploited by a malicious actor who has network access to the vCenter Server. By sending a specially crafted network packet, the attacker could trigger the heap-overflow, potentially leading to remote code execution (RCE) on the affected system.
This vulnerability could allow attackers to gain control over your vCenter Server environment, putting your infrastructure at risk for unauthorized access, data breaches, or service disruptions. Given the widespread use of vCenter Server for managing virtual environments, this threat is extremely serious, especially for businesses relying on VMware for critical operations.
The new patches, which can be found in the Response Matrix, have been made available for both the 8.0 U3, 8.0 U2 and 7.0 U3 versions of vCenter Server. Customers should apply the new patches immediately to ensure their systems are protected.
Mount VMware-vCenter-Server-Appliance-8.0.3.00400-24322831-patch-FP.iso to VCSA VM. Log in to the appliance shell as a user with super administrative privileges (for example, root) and run the following commands:
# To stage the ISO:
software-packages stage --iso
# To see the staged content:
software-packages list --staged
# To install the staged rpms:
software-packages install --stagedIn addition to the ASUS NUC 14 Pro (which I recently reviewed), ASUS has also released the ASUS NUC 14 Performance (formally known as Scorpion Canyon) as part of their Intel 14th Generation (Meteor Lake) lineup. Compared to the ASUS NUC 14 Pro and Pro+, the ASUS NUC 14 Performance offers […]
While working on some data analysis for an internal project, I was looking for a better way to summarize and provide some visualizations of the raw data for better consumption. I also wanted to automate this process, so that I could easily build reports or dashboards regardless of the […]
When creating a new vSAN File Share, which is powered by vSAN File Services, additional network access controls (no access, allow access from any IP or custom) can be configured. To view the configured network permissions, users must expand each file share to get the relevant information. For […]
In some cases we need to reinstall ESXi host. To avoid time consuming setting up servers, we can quickly backup and restore host configuration. To achieve this, there are three possible ways: ESXi command line, vSphere CLI or PowerCLI In this article I will show how backup and restore host […]
