Veeam Backup & Replication 13.0.1.2067 Patch and Critical Security Issues

Leave a reply

Veeam released a new version of the Backup & Replication product with the number 13.0.1.2067 addressing some critical security issues.

You can find more info in the following KB 4831.

CVE-2026-21669, CVSS v3.1 Score: 9.9 – A vulnerability allowing an authenticated domain user to perform remote code execution (RCE) on the Backup Server.
Affects Windows-based servers.

CVE-2026-21670, CVSS v3.1 Score: 7.7 – A vulnerability allowing a low-privileged user to extract saved SSH credentials.
Affects Windows-based servers and Veeam Software Appliance as well.

CVE-2026-21671, CVSS v3.1 Score: 9.1 – A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication.
This vulnerability affects only Veeam Software Appliance type of installation.

CVE-2026-21672, CVSS v3.1 Score: 8.8 – A vulnerability allowing local privilege escalation on Windows-based Veeam Backup & Replication servers.
Affects only Windows-based installations.

CVE-2026-21708, CVSS v3.1 Score: 9.9 – A vulnerability allowing a Backup Viewer to perform remote code execution (RCE) as the postgres user.
Affects both types of Veeam Backup Server.

As you can see, no matter the installation you’re using – Windows-based backup server or Veeam Software Appliance – it’s time to update ASAP.

Although this is not the topic of the vulnerabilities above, let me remind you that a production domain-joined VBR server is not a best practice. As for me, I will use VSA in all my future installations because it’s a really high-security appliance, which has already closed many vectors of possible attacks.

Loading

Preparing for the NVIDIA-Certified Professional: AI Infrastructure (NCP-AII) exam

Leave a reply

This year I took the NVIDIA-Certified Professional: AI Infrastructure exam, and in the post, I want to share materials I used for my preparation.

For those who do not know, this certification validates a candidate’s ability to deploy, configure, and validate advanced NVIDIA AI infrastructure, and I think this is right where we need to start after passing the NVIDIA-Certified Associate: AI Infrastructure and Operations exam (unless you are not a network engineer).

Continue reading

Loading

Using Prometheus snmp-exporter

Leave a reply

Recently I’ve been asked to create a dashboard in Grafana, displaying the power usage of the Smart PDU Sentry3.

Although most of the modern systems have a metric page or a written exporter, which can be simply gathered by Prometheus, most of the old systems or devices are still answering SNMP queries and do not have exposed metrics or an exporter.

In this situation we can use the Prometheus SNMP exporter, which acts like a proxy between Prometheus and the SNMP device. The Prometheus SNMP exporter exposed metrics to the Prometheus server based on the SNMP queries to the requested device.

Continue reading

Loading

What’s new at Nutanix University? New Nutanix Certified Professional – Network and Security certification

Leave a reply

Good news to all Flow users – Nutanix announced new certification and training related to this product.

First is a new course, available for free at Nutanix University, called Nutanix Network and Security Administration (NNSA). In this course you will dive into concepts of Flow Virtual Networking and Flow Network Security, and this is a great way to start preparing for the brand-new NCP certification.

Nutanix Certified Professional – Network and Security (NCP‑NS) 6.10 Exam – validates your ability to deploy, manage, and troubleshoot network virtualization and network security using Nutanix Flow.

As always, you can book the exam for free using the NCPNS610BETA voucher during checkout. The voucher is valid only for the first 250 participants, and the last day to take this exam is March 1st. So, hurry!

You can schedule this exam from the Nutanix University Certifications page.

For more information, please check the official announcement.

Loading

Preparing for the Nutanix Certified Professional – Artificial Intelligence 6.10 (NCP-AI 6.10) Exam

Leave a reply

Last year, I took the Nutanix Certified Professional – Artificial Intelligence 6.10 exam, and in this article, I want to share a few tips I used to prepare for this exam.

For those who did not hear about this certification, NCP-AI measures an ability to install, configure, optimize, and troubleshoot Nutanix Enterprise AI (NAI), as well as integrate GenAI applications and agents with NAI.

In this article, we will look at the main topics from the Nutanix Certified Professional – Artificial Intelligence (NCP-AI) exam version 6.10, and I will share materials that you can use to prepare yourself.

This guide describes the methodology I am using in preparing for certification exams, and it could be used for other Nutanix exams as well.

Continue reading

Loading

Deploying VCF Operations for Logs 9

Leave a reply

VCF Operations for Logs (formerly Log Insight) is a powerful tool allowing us to keep, maintain, and explore logs from the VMware Cloud Foundation components, and this is one of the critical components of any virtual infrastructure.  

In this short article, we will deploy VCF Operations for Logs and configure vCenter Server, ESXi hosts, and VCF Operations to send logs to the newly deployed appliance.

Continue reading

Loading

Using Veeam Infrastructure Appliance v13

Leave a reply

Previously I wrote about the newest Veeam Feature – Veeam Software Appliance – pre-built and pre-hardened image containing all the packages needed to run a fully functional backup server on Linux.

In this article, we will look at the Veeam Infrastructure Appliance – an infrastructure component based on Veeam JeOS as well, which can hold different roles – Proxy, Repository (including Hardened), Mount Server, and so on. Do you remember Veeam Hardened Repository ISO? – This release is a massive evolution.

In addition, please consider this article as a little walk through the basic Veeam Software Appliance Web UI.

Continue reading

Loading

Quick Fix: Updating ESXi GPU driver with vLCM – files may still be in use

Leave a reply

Recently I needed to update the NVIDIA GPU driver on my ESXi 8.0U3 hosts. Although it looks simple: upload the new driver to the depot, edit the image, and update hosts, I faced an unexpected issue during remediation of the cluster:

Remediation of cluster failed
 Remediation failed for Host 'gpu-esxi-01'
gpu-esxi-01 - Failed to remediate host
 Remediation failed for Host 'gpu-esxi-01'
 Failed to remove Component NVD-AIE-800(580.95.02-1OEM.800.1.0.20613240), files may still be in use.

Keeping in mind that the host is in the maintenance mode and there is no VMs running on it, the only thing using the GPU driver can be a service like Xorg and/or vGPU Manager. In my case the Xorg service wasn’t running, but vGPU Manager was.

Therefore, the workaround in this situation was simple (but I hope there is a better way):
1. Place ESXi host into maintenance mode and make sure – no VMs are running on it;
2. Enable SSH and connect;
3. Stop the vGPU manager service:

[root@gpu-esxi-01:~] /etc/init.d/nvdGpuMgmtDaemon status
daemon_nvdGpuMgmtDaemon is running

[root@gpu-esxi-01:~] /etc/init.d/nvdGpuMgmtDaemon stop

[root@gpu-esxi-01:~] /etc/init.d/nvdGpuMgmtDaemon status
daemon_nvdGpuMgmtDaemon is not running

4. Return to the cluster update section, and remediate only one host (with a stopped vGPU manager). This time there should not be any problems with installing a new driver;
5. After finishing the remediation, reboot the host;
6. Leave the host from the maintenance mode;
7. Repeat tasks for each host.

After rebooting, you will see that the driver is updated and the host is compliant with the new cluster image.

Loading

Quick Fix: Using NCCL with multi-vGPU VMware VMs

Leave a reply

If you’re using a virtual machine with multiple vGPUs and considering using NVIDIA Collective Communications Library (NCCL) to implement multi-GPU communications, you may face an error like this during nccl-test:

Test NCCL failure common.cu:1279 'unhandled cuda error (run with NCCL_DEBUG=INFO for details) / '
 .. ollama-cb-01 pid 1598: Test failure common.cu:1100

In the detailed log we can see errors like:

init.cc:491 NCCL WARN Cuda failure 'operation not supported'
...
init.cc:491 NCCL WARN Cuda failure 'operation not supported'
...
Test NCCL failure common.cu:1279 'unhandled cuda error (run with NCCL_DEBUG=INFO for details) / '
...

One common reason for this issue in the VMware environment is the UVM (Unified Memory), which is disabled by default in the virtual machine.

To enable UVM, power off the VM and add advanced parameters, based on the number of vGPUs attached to it:

pciPassthru0.cfg.enable_uvm = 1
pciPassthru1.cfg.enable_uvm = 1

The example above is for two vGPUs. For four vGPUs, you should add four additional parameters (and so on):

pciPassthru0.cfg.enable_uvm = 1
pciPassthru1.cfg.enable_uvm = 1
pciPassthru2.cfg.enable_uvm = 1
pciPassthru3.cfg.enable_uvm = 1

Thereafter, power on the VM, and NCCL-Test will likely pass.

Keep in mind, enabling this feature will prevent future live vMotions of the VM with the following error:

A required migration feature is not supported on the "Source" host 'esxi-01'.
vGPU migration is not supported on this VM.

Another problem that can prevent passing the NCCL test is broken P2P vGPU communication. For example, you can run p2pBandwidthLatencyTest from the NVIDIA Cuda-samples package. If you have a problem with P2P, you will see something like that in the output:

Device=0 CANNOT Access Peer Device=1
Device=1 CANNOT Access Peer Device=0

If everything is OK, in the log we will see:

Device=0 CAN Access Peer Device=1
Device=1 CAN Access Peer Device=0

I faced this issue with the drivers from the AI Enterprise 7.1 package (580.95). The solution in my case was to update ESXi and VM drivers to version 580.105 (AI Enterprise 7.3 package).

Loading