Skyline Advisor Pro Proactive Findings – October Edition

VMware Skyline Advisor Pro releases new proactive Findings every month. Findings are prioritized by trending issues in VMware Technical Support, issues raised through post escalation review, security vulnerabilities, issues raised from VMware engineering, and nominated by customers.

For the month of October, we released 45 new Findings. Of these, there are 39 Findings based on trending issues, 7 based on nominations, 3 based on VMSAs, and 3 based on post escalation reviews. We picked a few Findings from each of these categories which stand out in this release.

Findings Nominated from Customers

The Skyline team’s primary focus is customer satisfaction. We want to keep customers out of harm’s way, and we do this by providing you with Findings we discover from the day-to-day business of VMware Technical Support. We also want to hear ideas of what you would like to see in Skyline Advisor Pro. The following Finding came from one of our customers:

• ID: vSphere-STSCertExpiryWarningAlarm-KB#79248
  • STS Signing Certificates are about to expire.
  • https://kb.vmware.com/s/article/79248
  • MODERATE

We have 7 nominated Findings in Skyline Advisor Pro this month and would like to add many more. Please follow the Provide Feedback directions to nominate Findings.

VMware Technical Support Trending Issues

VMware Technical Support trending issues are KBs that have solved a large number of SRs and/or viewed a large number of times.

In KB 86255, ESXi hosts loses time synchronization with NTP Servers. This occurs when the root dispersion value is high due to time servers not syncing. This behavior was not observed before 7.0u3 build number 18644231. This issue is resolved in VMware ESXi 7.0 Update 3c (build number 19193900).

• ID: vSphere-losttimesync-KB#86255
  • Host has lost time synchronization error after upgrading to ESX 7.0.3 build 18644231.
  • https://kb.vmware.com/s/article/86255
  • MODERATE

Post Escalation Review

VMware Technical Support has developed a Post Escalation Review process. We review critical escalations which come into our Escalation Management team and determine steps to prevent these escalations in the future with other customers. One of the outcomes of this process is the creation of Skyline Findings.

In KB 88452, DFW rules are missing in host transport nodes. During a full sync, CCP pushes stale configuration to host transport nodes. This issue is due to a rare race condition which causes the NSX Manager to fail to publish updated rules to the Transport Nodes. This issue is resolved in VMware NSX-T version 3.1.3.1.

• ID: NSXT-FullSyncCCP-KB#88452
  • During a full sync, CCP pushes stale configuration to host transport nodes.
  • https://kb.vmware.com/s/article/88452
  • MODERATE

Security Vulnerabilities

In VMSA-2022-0022, VMware vRealize Operations has the following vulnerabilities. Privilege Escalation Vulnerability (CVE-2022-31672), a malicious actor with administrative network access can escalate privileges to root. Information Disclosure Vulnerability (CVE-2022-31673), a low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution. Information Disclosure Vulnerability (CVE-2022-31674), a low-privileged malicious actor with network access can access log files that lead to information disclosure. Authentication Bypass Vulnerability (CVE-2022-31675), an unauthenticated malicious actor with network access may be able to create a user with administrative privileges. These vulnerabilities are mitigated in VMware vRealize Operations 8.6.4.

• ID: vROPs-CVE-2022-31672To31675-VMSA#202222
  • VMware vRealize Operations contains multiple vulnerabilities (CVE-2022-31672, CVE-2022-31673, CVE-2022-31674, CVE-2022-31675).
  • https://www.vmware.com/security/advisories/VMSA-2022-0022.html
  • MODERATE

To review all released Findings for the month of October and all current active VMware Skyline Findings please go to the VMware Skyline Findings Catalog.

Most Viewed Findings in Last 30 Days

Below are the most viewed Findings by users in Skyline Advisor Pro:

1. NSXv-EdgeSSH100percentdiskusage-KB#2150467
2. vSphere-VCFEsxNTPRule-KB#81647
3. vSphere-PSODIPv6Disabled-KB#2150794
4. vSphere-CVE-2020-3992-VMSA#202023
5. vSphere-CustomizeWindowsGuests-KB#1020716
6. vSphere-VMmorethan3snapshots-KB#1025279
7. vSphere-VCFEsxRemoteSysLogRule-KB#81648
8. vSphere-vmsupportCNAFCoELinkDown-KB#2142226
9. vSphere-Log4jremotecodeexe-VMSA#202128
10. vSphere-XHCI-USB-controller-VMSA#202204
11. vSphere-VMsnapshotover7days-KB#1025279
12. vSphere-SpectreMeltdown-VMSA#201804-2
13. vSphere-Vmtoolsmemoryleak-KB#76163
14. vSphere-VmUnresponsivememoryleak-KB#2077302
15. vSphere-L1TerminalFault-VMSA#201820-3
16. vROPS-EndpointCertExpiration-KB#2046591
17. vSphere-EsxiBuildInconsistent
18. vSphere-CVE-2022-22943-VMSA#202207
19. vSphere-QuiesceSnapshotFails-KB#2145280
20. vSphere-VCFNoDVS-KB#81639