Home > Blogs > VMware Support Insider > Category Archives: Alerts

Category Archives: Alerts

Important support alerts

ALERT: Bash Code Injection Vulnerability aka Shellshock

VMware Support AlertOn Sept 24, 2014, a critical vulnerability in Bash (CVE-2014-6271, CVE-2014-7169) was published that may allow for remote code execution. The VMware Security Engineering, Communications, and Response group (vSECR) has been actively investigating the impact this vulnerability may have on our products.

For further information and updates on this vulnerability, refer to KB article:
VMware assessment of Bash Code Injection Vulnerability via Specially Crafted Environment Variables (CVE-2014-6271 CVE-2014-7169, aka “Shellshock”) (2090740)
.

Note: For information regarding VMware customer portals and web sites, see Impact of bash code injection vulnerability on VMware Customer Portals and web sites (CVE-2014-6271 and CVE-2014-7169, aka “shellshock”) (2090817).

ALERT: Storage Controllers for Virtual SAN that are no longer supported

VMware Support AlertAs part of VMware’s ongoing testing and certification efforts on Virtual SAN compatible hardware, VMware has decided to remove some controllers from the Virtual SAN compatibility list. While fully functional, these controllers offer IO throughput that is too low to sustain the performance requirements of most VMware environments.

For more information, see KB article: Storage Controllers previously supported for Virtual SAN that are no longer supported (2081431). If you have purchased Virtual SAN for use with these controllers, contact VMware Customer Service for next steps.

Note: Any updates to this issue will be reflected in the aforementioned KB article. To be alerted when this article is updated, click Subscribe to Document in the Actions box on the KB article page.

ALERT: Creating tenants and adding or deleting users fails in vCloud Automation Center when using vSphere SSO

VMware Support AlertVMware has become aware of an issue wherein:

  • Creating tenants fails and the System Exception error is displayed.
  • Adding or deleting users from tenants fails and the System Exception error is displayed.
  • Error messages appear in logs (details in KB)

Before upgrading to vCAC 6.0.1.2, you must patch your vSphere Single Sign-On (SSO) system.

For more information, see KB article: Creating tenants and adding or deleting users fails in vCloud Automation Center when using vSphere Single Sign-On 5.5.0 U1, 5.5.0 U1a, or 5.5.0 U1b (2081730)
.

Note: Any updates to this issue will be reflected in the aforementioned KB article. To be alerted when this article is updated, click Subscribe to Document in the Actions box on the KB article page.

ALERT: vCAC 6.0.x tenants become inaccessible and identity stores disappear

VMware Support AlertVMware has become aware of an issue that occurs after 90 days after deployment of a template in vCloud Automation Center (vCAC) 6.0.x, tenants become inaccessible and identity stores disappear due to expiration of the tenant admin password. For more information, see the article below.

For further information and updates, please refer to KB article: vCloud Automation Center 6.0.x tenants become inaccessible and identity stores disappear (2075011) in your problem description.

Note: Any updates to this issue will be reflected in the aforementioned KB article. To be alerted when this article is updated, click Subscribe to Document in the Actions box on the KB article page.

ALERT: Response to Heartbleed OpenSSL security issue

heartbleedThis week, a new vulnerability was discovered affecting SSL, a protocol most of the Internet uses to encrypt and secure communications. The VMware Security Engineering, Communications, and Response group (vSECR) is investigating the OpenSSL issue dubbed “Heartbleed”. For information on which VMware products may be affected and resolution/remediation steps, refer to the two KB articles at the bottom of this post.

For the curious, we would like to quickly explain why this particular vulnerability could be a risk across the Internet. The bug — dubbed “Heartbleed” — allows anybody to read the memory on a system that is supposed to be protected by SSL.

An anonymous attacker could potentially steal any information from an SSL-secured communication when the issue is not addressed. Best practices dictate that websites and web service providers should always use SSL-encrypted communication when dealing with sensitive information like usernames, passwords, and bank info. Heartbleed could breach that information to anybody who knows how to extract it without leaving a trace.

ALERT: vShield Manager UI issue after upgrading to 5.1.3

VMware Support AlertVMware has become aware of an issue that occurs after upgrading to vCloud Networking and Security (vCNS) 5.1.3 in an environment with Cisco Nexus 1000V. The vShield Manager user interface becomes unavailable.

A hot patch fix is available. This does not affect customers with VMware standard or VMware vDS switches.

If you encounter this issue, file a support request with VMware Technical Support and note Knowledge Base article: vShield Manager user interface becomes unavailable after upgrading to 5.1.3 when Cisco Nexus 1000V is present (2073502) in your problem description.

Note:  Updates on this issue will be reflected in the aforementioned KB article. To be alerted when this article is updated, click Subscribe to Document in the Actions box on the KB article page.

ALERT: Transfers fail after vCloud Connector 2.6 upgrade

VMware Support AlertVMware has become aware of an issue wherein after upgrading to vCloud Connector 2.6, a change to the permissions on the staging directory causes transfers to fail.

A newly installed vCloud Connector node has read/write/execute permissions for user, group, and other on the staging directory (777). When upgrading the node to vCloud Connector 2.6, these permissions are incorrectly set to 755. This removes the write permission for other, which in this instance references the admin user.

For details and updates on this issue refer to KB article: Cannot access the transfer directory after upgrading to vCloud Connector 2.6 (2073208)

ALERT: Active Directory authentication fails when vCenter Single Sign-On 5.5 runs on Windows Server 2012 along with AD

VMware Support AlertVMware has become aware of an issue where machines running vCenter Single Sign-On 5.5 running on Windows Server 2012 authenticating to an Active Directory Domain running on Windows Server 2012 will not be able to authenticate to Active Directory.

 

For further information and updates, please refer to KB article: Active Directory authentication fails when vCenter Single Sign-On 5.5 runs on Windows Server 2012 and the AD Domain Controller is also on Windows Server 2012 (2060901).

ALERT: vSphere 5.5 Single Sign-On upgrade rolls back after importing Lookup Service data

VMware Support AlertVMware has become aware of an issue where an upgrade to vSphere 5.5 may fail when upgrading the SSO component. The issue appears to be related to the default SSO certificate generated when installing vSphere 5.1 Build #799735

For details and updates on this issue refer to KB article: vSphere 5.5 Single Sign-On upgrade rolls back after importing Lookup Service data (2060511)


Related info:

Location of Single Sign On log files for vCenter Server 5.1 (2033430)

ALERT: Unable to install or upgrade vCloud Director 5.5.0

VMware Support AlertVMware has become aware of an issue that may occur if you use Microsoft SQL Server 2005 SP4 as your vCloud Director database, you will not be able to successfully upgrade to (or do fresh install) vCloud Director 5.5.0

VMware is currently investigating this issue. The problem occurs only with the specific database version mentioned.

For more information and updates on this matter, reference Knowledgebase article: Unable to install or upgrade to VMware vCloud Director to version 5.5.0 when using SQL Server 2005 SP4 (2060068).