vSphere Client Instability and Session Timeouts After vCenter Server 8.0.3.00200 Upgrade: How to Resolve

After upgrading to vCenter Server 8.0.3.00200, some users have reported issues with the vSphere Client becoming unstable, particularly after long periods of session idleness (typically 1-2 hours). This instability may manifest in a variety of ways, including session timeouts, continuous loading indicators, and errors when browsing the inventory.

Root Cause

The root cause of this instability appears to be related to a misconfiguration in how the vSphere Client handles facade recycling within the Apache Catalina Connector.

Solution: Updating the Catalina Configuration

root@vcsa-home [ ~ ]# cp /usr/lib/vmware-vsphere-ui/server/conf/catalina.properties /root/catalina.properties.bak

root@vcsa-home [ ~ ]# echo "org.apache.catalina.connector.RECYCLE_FACADES=false" >> /usr/lib/vmware-vsphere-ui/server/conf/catalina.properties

root@vcsa-home [ ~ ]# service-control --restart vsphere-ui

Quick Tip – Monitoring ESXi remote syslog…

Quick Tip – Monitoring ESXi remote syslog…

When an ESXi host is unable to forward its logs to a remote syslog server, a VMkernel Observation (VOB) is automatically raised by the host and it can be used to proactively alert administrators, which has been possible since ESXi 5.0 …. per this blog post from 2012 after some Googling! 😅😂 […]

Broadcom Social Media Advocacy

ESXi on ASUS NUC 14 Pro (Revel Canyon)

ESXi on ASUS NUC 14 Pro (Revel Canyon)

The ASUS NUC 14 Pro (formally known as Revel Canyon) is the first ASUS-based NUC since the acquisition of the NUC Division from Intel last fall. I know many of my readers have been requesting a review of the new ASUS NUCs, but to be honest, it has been pretty difficult to get samples directly […]

Broadcom Social Media Advocacy

Useful NVMe Tiering reporting using vSphere 8.0…

Useful NVMe Tiering reporting using vSphere 8.0 Update 3 APIs

Useful NVMe Tiering reporting using vSphere 8.0…

After successfully enabling the NVMe Tiering feature, which was introduced in vSphere 8.0 Update 3, you can find some useful details about your NVMe Tiering configuration by navigating to a specific ESXi host and under Configure->Hardware and under the Memory section as shown in the screenshot below. There is quite a bit of information that […]

Broadcom Social Media Advocacy

LLM Inference Sizing and Performance Guidance

LLM Inference Sizing and Performance Guidance

When planning to deploy a chatbot or simple Retrieval-Augmentation-Generation (RAG) pipeline on VMware Private AI Foundation with NVIDIA (PAIF-N) [1], you may have questions about sizing (capacity) and performance based on your existing GPU resources or potential future GPU acquisitions. For […]

Broadcom Social Media Advocacy

VMSA-2024-0019: Critical VMware vCenter Server Vulnerabilities (CVE-2024-38812, CVE-2024-38813) Addressed

VMware has released an important security advisory, VMSA-2024-0019, detailing updates for VMware vCenter Server that address two significant vulnerabilities: a heap-overflow vulnerability (CVE-2024-38812) and a privilege escalation vulnerability (CVE-2024-38813). Both of these vulnerabilities could have severe implications if exploited, making it crucial for administrators to apply the necessary patches promptly.

Heap-Overflow Vulnerability (CVE-2024-38812)

Description: The first vulnerability, identified as CVE-2024-38812, is a heap-overflow vulnerability found in the vCenter Server’s implementation of the DCERPC protocol. This issue has been classified by VMware as Critical, with a maximum CVSSv3 base score of 9.8, indicating the potential for severe impact.

Known Attack Vectors: A malicious actor with network access to the vCenter Server can exploit this vulnerability by sending a specially crafted network packet. Successful exploitation could lead to remote code execution (RCE), allowing the attacker to execute arbitrary code on the vCenter Server with potentially full system privileges. This level of access could be used to disrupt services, exfiltrate sensitive data, or further compromise the virtual environment.

Privilege Escalation Vulnerability (CVE-2024-38813)

Description: The second vulnerability, CVE-2024-38813, is a privilege escalation flaw within the vCenter Server. VMware has rated this issue as Important, with a CVSSv3 base score of 7.5. While not as severe as the heap-overflow vulnerability, it still poses a significant risk.

Known Attack Vectors: An attacker with network access to the vCenter Server can exploit this vulnerability by sending a specially crafted network packet. If successful, the attacker could escalate their privileges to root, gaining full administrative control over the vCenter Server. This level of access could enable the attacker to make unauthorized changes, access sensitive information, or disrupt the entire virtual infrastructure.

More info VMSA-2024-0019:VMware vCenter Server updates address heap-overflow and privilege escalation vulnerabilities (CVE-2024-38812, CVE-2024-38813)

Fixing VMware vCenter Server: Resolving HTTP…

Fixing VMware vCenter Server: Resolving HTTP…

In the world of virtualization, VMware vCenter Server serves as a crucial component for managing your virtual environment. However, encountering an HTTP 500 Internal Server Error can be frustrating. This blog post will guide you through the steps to troubleshoot and resolve this error effectively.

Broadcom Social Media Advocacy

VMware Explore Recap with William Lam

VMware Explore Recap with William Lam

In this episode of the Virtually Speaking Podcast, we catch up with William Lam from VMware by Broadcom to recap VMware Explore 2024 in Las Vegas. William breaks down exciting announcements, including advancements in VMware Cloud Foundation (VCF), the introduction of the Private Cloud […]

Broadcom Social Media Advocacy