Solved: Re: Update for CIMC controller and ESXi host

yeow28 · ‎04-09-2018

recently we did a security scan of our voice network including ESXi host for our call manager and we found some vulnerability on the CIMC controller and vmware host.

the recommended solution is update the CIMC version and vmware ESXi host version.

my ESXi host is

ESXi Version: 5.1.0
Detected Build: 1065491
Fixed Build: 3021178

the solution is the update our CIMC to version 3.0.1d.

where can i get the update version ?

Vulnerability Detection Result:

Installed version: 1.5.2
Fixed version: 3.0.1d

Solution:

Update to version 3.0.1d or later.

update ESXi host to the following patches.

Affected Software/OS:

VMware ESXi 5.5 without patch ESXi550-201509101
VMware ESXi 5.1 without patch ESXi510-201510101
VMware ESXi 5.0 without patch ESXi500-201510101

Kirk J · ‎04-10-2018

Greetings.

You haven't specified what server you have, but I'm assuming it's a C220 or C240M3.

For C220M3, see https://software.cisco.com/download/release.html?mdfid=284296253&softwareid=283850974&release=3.0(1d)&relind=AVAILABLE&rellifecycle=&reltype=latest

This is a bootable ISO, that will allow you to upgrade the various items (including CIMC).

General HUU upgrade steps see https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c/sw/lomug/2-0-x/3_0/b_huu_3_0_1/b_huu_2_0_13_chapter_010.html

Please note you should upgrade to a 2.x version before trying to jump to a 3.x version.

Also make sure to check the HCL to make sure ESXi drivers match the firmware level (check to see if esxi 5.1 is even tested on 3.x versions)

ESXi 5.1 is no longer supported by VMware, so I hope you are eventually planning on moving to a supported ESXi version.

For CUCM version and ESXi compatibility see https://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/uc_system/virtualization/virtualization-cisco-unified-communications-manager.html

Thanks,

Kirk...

View solution in original post

Kirk J · ‎04-10-2018

Greetings.

You haven't specified what server you have, but I'm assuming it's a C220 or C240M3.

For C220M3, see https://software.cisco.com/download/release.html?mdfid=284296253&softwareid=283850974&release=3.0(1d)&relind=AVAILABLE&rellifecycle=&reltype=latest

This is a bootable ISO, that will allow you to upgrade the various items (including CIMC).

General HUU upgrade steps see https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c/sw/lomug/2-0-x/3_0/b_huu_3_0_1/b_huu_2_0_13_chapter_010.html

Please note you should upgrade to a 2.x version before trying to jump to a 3.x version.

Also make sure to check the HCL to make sure ESXi drivers match the firmware level (check to see if esxi 5.1 is even tested on 3.x versions)

ESXi 5.1 is no longer supported by VMware, so I hope you are eventually planning on moving to a supported ESXi version.

For CUCM version and ESXi compatibility see https://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/uc_system/virtualization/virtualization-cisco-unified-communications-manager.html

Thanks,

Kirk...

yeow28 · ‎04-10-2018

my server is UC220

Kirk J · ‎04-11-2018

If it was a C220m3, then then links I previously posted apply to your equipment.

Thanks,

Kirk...

yeow28 · ‎04-18-2018

Do i need to shut down ESXi host and VM when upgrading the CIMC firmware ?