Nutanix Two-nodes cluster Vulnerability

Nutanix two nodes cluster ( 2 nodes cluster ) having VM vulnerability in which stale metadata may result in VMs crashing and/or becoming unavailable. Nutanix two-nodes cluster having VM vulnerability. Nutanix two-nodes cluster AOS version affected are prior to 10.5.7 and 5.11.1

Read also Nutanix Major Release AOS 5.11 with exciting features

Customers are advised to avoid all maintenance activities on a two-node clusters and upgrade to AOS 5.10.7 or AOS 5.11.1 (once available), which contains the fix for this issue.Note: Two-node clusters which are running AOS 5.10.6 MUST use the manual upgrade procedure in KB-8134 which requires User VMs to be gracefully shutdown and the cluster to be stopped.

Read also Nutanix Security Advisory : TCP SACK Panic overflow Vulner-ability

Solution

Nutanix two-nodes vulnerability has fixed in following Nutanix AOS versions.

Vulnerable version	Vulnerability Fixed In AOS version
Prior AOS version 5.10.7	AOS 5.10.7
Prior AOS version 5.11.1	AOS 5.11.1

Information on Nutanix AOS Long Term Support (LTS) or Short Term Support (STS) releases.

Source: Nutanix Field Advisory number #70

Thanks to being with HyperHCI Tech Blog.

More Relevant Blogs

• Nutanix API Authentication Vulnerability April 2019
• Nutanix Security Advisory Intel CPU Vulnerability MDSNutanix API Authentication Vulnerability April 2019