Nutanix two nodes cluster ( 2 nodes cluster ) having VM vulnerability in which stale metadata may result in VMs crashing and/or becoming unavailable. Nutanix two-nodes cluster having VM vulnerability. Nutanix two-nodes cluster AOS version affected are prior to 10.5.7 and 5.11.1
Read also Nutanix Major Release AOS 5.11 with exciting features
Customers are advised to avoid all maintenance activities on a two-node clusters and upgrade to AOS 5.10.7 or AOS 5.11.1 (once available), which contains the fix for this issue.Note: Two-node clusters which are running AOS 5.10.6 MUST use the manual upgrade procedure in KB-8134 which requires User VMs to be gracefully shutdown and the cluster to be stopped.
Read also Nutanix Security Advisory : TCP SACK Panic overflow Vulner-ability
Solution
Nutanix two-nodes vulnerability has fixed in following Nutanix AOS versions.
Vulnerable version | Vulnerability Fixed In AOS version |
Prior AOS version 5.10.7 | AOS 5.10.7 |
Prior AOS version 5.11.1 | AOS 5.11.1 |
Information on Nutanix AOS Long Term Support (LTS) or Short Term Support (STS) releases.
Source: Nutanix Field Advisory number #70
Thanks to being with HyperHCI Tech Blog.
More Relevant Blogs
- Nutanix API Authentication Vulnerability April 2019
- Nutanix Security Advisory Intel CPU Vulnerability MDSNutanix API Authentication Vulnerability April 2019