Skyline Advisor Pro Proactive Findings – March Edition

VMware Skyline releases new Proactive Findings every month. Findings are prioritized by trending issues in VMware Support, issues raised through Post Escalation review, Security vulnerabilities, and issues raised from VMware engineering, and customers.

For the month of March, we released 23 new Findings. Of these, there are 14 Findings based on trending issues, 5 based on VMSAs, and 4 based on post escalation reviews. We picked a few Findings from each of these categories which stand out in this release.

Proactive Customer Advisory

VMware Technical Support developed a customer advisory system. This system is designed as a way for Global Support to communicate critical issues to customers. For information on subscribing to Proactive Customer Advisories, please refer to KB 86378 for details: https://kb.vmware.com/s/article/86378 .

In KB 87627, the NSX engineering group discovered an issue in NSX-T 3.1.3.6. This issue caused the NSX engineering group to pull the NSX-T 3.1.3.6 release. The symptom of the issue is if the NSX-T Load Balancer is configured with a Layer 4 Virtual Server reports an alarm “Edge node datapath mempool is high”. Memory associated with L4 LB sessions is not automatically released when the connections close or terminate, over time datapathd memory is exhausted and the Edge can no longer process traffic. This issue is resolved in NSX-T Data Center 3.1.3.7.

• NSXT-LB4trafficstops-KB#87627
  • Description: NSX-T 3.1.3.6 Edge configured with an L4 LB stops passing all traffic
  • Resolution: This issue is resolved in NSX-T Data Center 3.1.3.7
  • Helpful Link: https://kb.vmware.com/s/article/87627
  • Severity: Critical

VMware Support Trending Issues

VMware Support trending issues are KBs that have solved a large number of SRs and/or viewed a large number of times.

In KB 86069, customers who have upgraded to vSphere 7.0u3 are no longer able to perform VAMI backups to their SMB shares. SMB is one of the most common file share systems, so this issue quickly impacted many customers. This issue has been resolved in vCenter 7.0 update 3c.

• vSphere-SMBBackupFailure-KB#86069
  • Description: VAMI Backup with SMB reports error: “Path not exported by the remote filesystem”
  • Resolution: This issue is resolved in VMware vCenter 7.0u3c.
  • Helpful Link: https://kb.vmware.com/s/article/86069
  • Severity: Moderate

Security Vulnerabilities

In VMSA-2022-0005, VMware NSX Data Center for vSphere update addresses CLI shell injection vulnerability (CVE-2022-22945). VMware NSX Data Center for vSphere contains a CLI shell injection vulnerability in the NSX Edge appliance component. VMware evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.8. A malicious actor with SSH access to an NSX-Edge appliance (NSX-V) can execute arbitrary commands on the operating system as root. This vulnerability is mitigated in NSX-V 6.4.13.

• Finding ID: NSXv-CVE-2022-22945-VMSA#202205
  • Description: VMware NSX Data Center for vSphere update addresses CLI shell injection vulnerability (CVE-2022-22945).
  • Resolution: This issue is resolved in NSX-v 6.4.13 (build number 19307994).
  • Helpful Link: https://www.vmware.com/security/advisories/VMSA-2022-0005.html
  • Severity: Critical

Post Escalation Review

VMware Support has developed a Post Escalation Review process. We review critical escalations which come into our Escalation Management team and determine steps to prevent these escalations in the future with other customers. One of the outcomes of this process is the creation of Skyline Findings.

In KB 82498, it was discovered after a very extensive escalation that when vCenter is on an ESXi host with over 25gb Ethernet Controller with hardware LRO enabled content library transfer performance is slow. Exporting an item from the published content library would average out at ~1MBps (lows around 150KBps and highs around 9MBps). It does not happen with a datastore browser download or OVF export from outside content library. The workaround for this issue was to disable LRO on the ESXi host which may impact the overall performance of the ESXi host or disable LRO for the vCenter Appliance OS which may impact performance of the vCenter. This issue is resolved in vCenter Appliance 6.7 Update 3p with an update to vCenter vmxnet3 driver.

Finding ID: vSphere-VCSlowness-KB#82498

• • Description: VxRail using Broadcom BCM57414 NetXtreme-E 10Gb/25Gb RDMA Ethernet Controller cluster vCenter content library slowness.
  • Resolution: This issue is resolved in VMware vCenter Appliance 6.7 Update 3p (build number 18831133)
  • Helpful Link: https://kb.vmware.com/s/article/82498
  • Severity: Moderate

To review all released Findings for the month of March and all current active VMware Skyline Findings please go to the VMware Skyline Findings Catalog.

Most Viewed Findings in Last 30 Days

Below are the most viewed Findings by users in Skyline Advisor Pro.

1. vSphere-XHCI-USB-controller-VMSA#202204
2. vSphere-Log4jremotecodeexe-VMSA#202128
3. vSphere-VCFEsxNTPRule-KB#81647
4. vSphere-CustomizeWindowsGuests-KB#1020716
5. vSphere-VCFEsxRemoteSysLogRule-KB#81648
6. vSphere-VMsnapshotover7days-KB#1025279
7. vSphere-VMmorethan3snapshots-KB#1025279
8. vSphere-CVE-2020-3992-VMSA#202023
9. vSphere-SpectreMeltdown-VMSA#201804-2
10. vSphere-VmUnresponsivememoryleak-KB#2077302
11. vSphere-L1TerminalFault-VMSA#201820-3
12. vSphere-Vmtoolsmemoryleak-KB#76163
13. vSphere-VMFS-L-SDCards-KB#83376
14. vSphere-PSODQLogicFCHBA-KB#83790
15. vSphere-PSODNFNICReportLun-KB#85690
16. vSphere-VMToolsCVE20203941-VMSA#202002
17. vROPs-Log4jremotecodeexe-VMSA#202128
18. vSphere-CVE-2021-21997-VMSA#202111
19. vSphere-CVE-2021-22045-VMSA#202201
20. vSphere-PSODQLFE3-KB#82237