Plain Virtualization

Broadcom has release an update to address the below two vulnerabilities. This affect vCenter Server 7.x and 8.x. VMware vCenter Server heap-overflow vulnerability (CVE-2024-38812) This carries a CVSSv3 score of 9.8 VMware vCenter privilege escalation vulnerability (CVE-2024-38813) This carries a CVSSv3 score of 7.5. Both are addressed with resolution with a new binary update for vCenter Server 7U3s and vCenter Server 8U3b. This will affect any VCF 4.x and 5.x which contains either vCenter Server 7.x or 8.x. It is always recommended to get this updated as soon as possible with such rare critical severity. Check out this article for more information.

VMware has release a security advisory regarding vCenter Server. You can refer  here . This advisory is to address CVE-2023-34048 and CVE-2023-34056 which has a score on CVSSv3 of 9.8 and 4.3. This applies to vCenter Server version 7.x and 8.x which also affect VCF 3.x and 4.x which uses these vCenter Server version. The resolution is to apply the fixed version released. Do read carefully if there are any caveats for any particular build when you are updating. All of the above has been summarize in this  article  which was released on 24th October. Do take some time to read it and understand the risk and impact.

A critical vulnerability has been announced by VMware in regards to vCenter Server found in version 6.5, 6.7 and 7.0. The security advisory can be found here . This is bearing a rating of CVSSv3 of 9.8. A list of FAQ is also release for any questions pertaining to this vulnerability. You can also join in the community discussion regarding to this vulnerability here . It is highly recommended to stay up to date by subscribing to the security advisories alerts. Note that this vulnerability consist of several parts. And each either affects all the version of vCenter Server or partial versions of it. It is highly critical and recommended to patch this immediately. As a user of VMware Cloud on AWS (VMC), great to receive notice that the vCenter Server has been addressed in regards to this vulnerability.

Many might have been raised alert on the recent vCenter Server vulnerability which was raised as a 9.8/10 scale rating. One of it can be found here  reported on Feb 23rd. If you have subscribe to VMware Security advisory, you would have received this information VMSA–2021–0002 . I would strongly encourage anyone who is using VMware solution to subscribe to VMware Securities Advisories so as to be kept informed of any security information. If you have refer to VMSA-2021-002, vCenter Server version 7.0 U1c was updated in Dec 17th, 6.7 U3I Nov 19th and lastly 6.5 U3N Feb 23rd one day after the report. If you have been up to date, you would have been protected way before the report was announced. The only version was 6.5 which was release a day after, but based on the report, it was a one day turn around which is still impressive. Also this is very critical for vCenter Server that are connected to the internet. However, this case would be minimal as most customer would not have place t...

Previously I mentioned I help one of my customer to reinstate back their Windows vCenter Server here . They have use the Windows Local Account to have the vCenter Server services started on instead of creating an AD service account. Recently, they did a reboot of the Windows Server after a Windows update. The vCenter Server services was not able to start. When using the vSphere Web Client, they got this error " 503 Service Unavailable " similar to what is stated in this KB . You might wonder what can cause a vCenter Server service with just a reboot. As stated in the KB, this can be due to the removal of permission to allow the account running the service with Log on as a batch job . Do make sure when your Windows Server is joined to a domain, the rights need to be assigned explictly for this machine as your Group Policy can revert this if you are uncertain. Else create a service account to run the servce and ensure the permission is provided.

Recently, assisted one of my customer to troubleshoot a failed Windows vCenter Server resulted from an upgrade failure. What you would need is all the credential accounts such as vCenter SSO, Windows Administrator and your MS SQL account. Also a copy of your existing vCenter Server database. We logged a case with VMware support and gone through the logs. Refer to the logs location here . The one major log would be the vmdird.log. This was showing error 49. The VMware Service Lifecycle Manager service remain freeze at Starting status. This will run a vmon process in your task manager. Check out the all services name here . For those not aware, starting from vCenter Server 6.5, the vCenter Server Services are no longer a standalone services. We spend a lot of time trying to reinstall, and running through kb fixes but it did not help. We decided to do a uninstall and encounter error 1603. We were not able to get over this error.  Instead, we did another vCenter Server installation on ...