Daniel Micanek virtual Blog – Like normal Dan, but virtual.
Zabbix is an open-source monitoring tool designed to oversee various components of IT infrastructure, including networks, servers, virtual machines, and cloud services. In this post, I will show you how setup Zabbix monitoring with VMware vSpehre infrastructure.
The general guidance and quickest way to recover an ESXi host if you have forgotten or lost the root password is to reset using vSphere Host Profiles if it was managed by vCenter Server or simply reinstall ESXi which would allow you to preserve the existing VMFS volumes along with any workloads [..]
VMware has announced that the security patches released on September 17, 2024, intended to address CVE-2024-38812, did not fully mitigate the vulnerability. As a result, all customers are strongly advised to update to the latest version, 8.0 U3d, immediately. Patches for the 8.0 U2 line are also available to address this issue.
This urgent advisory applies to all vCenter Server users, as the newly identified vulnerabilities pose a significant security risk. Notably, two critical vulnerabilities were reported in vCenter Server, including a heap-overflow vulnerability and a privilege escalation vulnerability. These have been responsibly reported to VMware, which has now provided updates to address them.
A critical heap-overflow vulnerability was discovered in vCenter Server, specifically in its implementation of the DCERPC protocol. The issue has been assigned CVE-2024-38812 and carries a CVSSv3 base score of 9.8, placing it in the Critical severity range.
This vulnerability can be exploited by a malicious actor who has network access to the vCenter Server. By sending a specially crafted network packet, the attacker could trigger the heap-overflow, potentially leading to remote code execution (RCE) on the affected system.
This vulnerability could allow attackers to gain control over your vCenter Server environment, putting your infrastructure at risk for unauthorized access, data breaches, or service disruptions. Given the widespread use of vCenter Server for managing virtual environments, this threat is extremely serious, especially for businesses relying on VMware for critical operations.
The new patches, which can be found in the Response Matrix, have been made available for both the 8.0 U3, 8.0 U2 and 7.0 U3 versions of vCenter Server. Customers should apply the new patches immediately to ensure their systems are protected.
Mount VMware-vCenter-Server-Appliance-8.0.3.00400-24322831-patch-FP.iso to VCSA VM. Log in to the appliance shell as a user with super administrative privileges (for example, root) and run the following commands:
# To stage the ISO:
software-packages stage --iso
# To see the staged content:
software-packages list --staged
# To install the staged rpms:
software-packages install --stagedIn addition to the ASUS NUC 14 Pro (which I recently reviewed), ASUS has also released the ASUS NUC 14 Performance (formally known as Scorpion Canyon) as part of their Intel 14th Generation (Meteor Lake) lineup. Compared to the ASUS NUC 14 Pro and Pro+, the ASUS NUC 14 Performance offers […]
While working on some data analysis for an internal project, I was looking for a better way to summarize and provide some visualizations of the raw data for better consumption. I also wanted to automate this process, so that I could easily build reports or dashboards regardless of the […]
When creating a new vSAN File Share, which is powered by vSAN File Services, additional network access controls (no access, allow access from any IP or custom) can be configured. To view the configured network permissions, users must expand each file share to get the relevant information. For […]
In some cases we need to reinstall ESXi host. To avoid time consuming setting up servers, we can quickly backup and restore host configuration. To achieve this, there are three possible ways: ESXi command line, vSphere CLI or PowerCLI In this article I will show how backup and restore host […]
VMware has released vCenter Server 8.0 Update 3c, bringing several key improvements and bug fixes. Among these, one notable issue addressed in this release relates to the vSphere Client’s behavior when left idle for extended periods.
In previous versions, particularly starting from vSphere 8.0 Update 3b, users encountered a frustrating issue with the vSphere Client. If a session remained idle for more than 50 minutes, the client would become unresponsive, making it impossible to log in or log out. Attempting to resume work in the same browser would yield no results unless all browser cookies were cleared. This was not only an inconvenience but also a disruption for administrators managing their vSphere environments.
The root of the problem was traced back to an upgrade to Apache Tomcat 9.0.91, introduced in vSphere 8.0 Update 3b. This upgrade brought with it a change in the default value of the property org.apache.catalina.connector.RECYCLE_FACADES. Previously set to FALSE, this value was altered to TRUE, causing sessions to become invalid after extended inactivity. This meant that any session left idle for over 50 minutes would not properly refresh, effectively locking the user out until they manually cleared cookies from their browser.
Links:
One of the most powerful and versatile VM management capability in vSphere is the Guest Operations API, providing a rich set of operations from transferring files to/from the guest to running commands directly on the guest as if you were logged in! An easy way to consume the Guest Operations API […]
Quick Tip – SSH Server, Client & Authorized Key Configurations for ESXi 7.0 Update 1 and later
The general best practice is to disable SSH on your ESXi host by default and if/when you need access, you can turn it on temporarily and disable it when you have completed your task. For users that need to modify the default SSH configurations whether that is on the server side, client side or setting […]
