Sunday, September 26, 2021

VMSA-2021-0020

 

We should be aware of the following critical vulnerabilities issued five days ago by the VMSA that affect the VC and VCF products, I mentioned CVE titles of some of them: 

1. CVE-2021-21991 Is related to the local privilege escalation vulnerability

2. CVE-2021-22018 / CVE-2021-22013 / CVE-2021-22005 Are about the file vulnerabilities

3. CVE-2021-22017 / CVE-2021-22006 Are related to the reverse proxy and rhttpproxy

You can read the VMware full document about all 19 mentioned vulnerabilities here

Investigation about the physical devices information through the ESXi shell

Sometimes you may require to find more details about a specific device installed in your physical servers, inside the ESXi shell environment, because there is no more useful information in the GUI. So many ways to run the command lines to get related information. In this post, I want to show some of these methods.

1.  lspci -vvv | grep controller 

(you can replace controller with any other related keywords that you want to limit the results based on that subject)


2. esxcfg-info | grep controller 

3. esxcli storage core adapter list  or  esxcli storage core device list


4. esxcfg-scsidevs -l | grep vendor

Of course, there are many other ways to achieve this goal, by the way, I mentioned just some of the useful CLIs. I will be happy if you mention other ones that you executed in your management workloads

Thursday, September 2, 2021

Windows Server Failover Clustering (WSFC) - Basic Intro

In this video, I speak about the architecture of the Fail-over Clustering feature inside the Windows Server with a focus on the Fail-over detection operation via LAN and SAN Heartbeats and also describe what action is going on whenever a Network Isolation happens inside the Cluster.


I will start a new journey soon ...