BugZero | Hewlett Packard Enterprise BugID a00124522en_us - HPE Gen10/Gen10 Plus Systems

BugZero | Hewlett Packard Enterprise BugID a00124522en_us - HPE Gen10/Gen10 Plus Systems - The Installed NVMe ...

Hewlett Packard Enterprise - Defect ID: a00124522en_us

HPE Gen10/Gen10 Plus Systems - The Installed NVMe Drives May Fail Authentication and Will Not Be Executed With a Secure Boot Configuration Only in a VMware Environment

Hewlett Packard Enterprise - Defect ID: a00124522en_us

HPE Gen10/Gen10 Plus Systems - The Installed NVMe Drives May Fail Authentication and Will Not Be Executed With a Secure Boot Configuration Only in a VMware Environment

Last updated on May 27th, 2022

BugZero Risk Score
5.9 Medium

Overall: 5.9

Severity: 6.4

Community: 5.5

What is the BugZero Risk Score?

Hewlett Packard Enterprise Integration

Learn more about where this data comes from

Hewlett Packard Enterprise Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Priority: Medium
Views: 14

Description

Summary

The NVMe Solid State Drives (SSD) installed in any system outlined in the Scope section below may fail authentication and may not be executed. This is due to the NVMe SSD firmware HPK5 version not supporting secure boot authentication with the following drive models: MO001600KWZQP, VO001920KWZQR, VO003840KWZQT and MO003200KWZQQ. In addition, these issues will only occur when the HPK5 firmware is in a VMware ESXi 7.0 environment.With the secure boot authentication failure on firmware HPK5, a message will be displayed in the HPE Integrated Management Log (IML) that is similar to what is shown in the HPE Active Health System (AHS) log:"Caution,102,1717,0x000A,POST Message,0x31AF,Security, Secure Boot Authentication Failure - The image on NVMe Drive Port 1A Box 2 Bay 1 failed authentication and was not executedACTION: Update the image to known good trusted version. If current image is trusted, then update the Secure Boot allowed database (DB) with the certificate or image hash."

Scope

Any HPE Gen10 or HPE Gen10 Plus server with PCIe NVMe Solid State Drive (SSD) models MO001600KWZQP, VO001920KWZQR, VO003840KWZQT and MO003200KWZQQ installed and running VMware ESXi 7.0.

Resolution

The issue is resolved in the critical VMware firmware update, HPK6 (May 2022) release for the PCIe NVMe Solid State Drives (SSDs) mentioned in the Scope. To resolve this issue, update the PCIe NVMe firmware to Version HPK6:Online NVMe SSD Flash Component for VMware ESXi - MO001600KWZQP and MO003200KWZQQ DrivesOnline NVMe SSD Flash Component for VMware ESXi - VO001920KWZQR and VO003840KWZQT DrivesRECEIVE PROACTIVE UPDATES: Receive support alerts (such as Customer Advisories), as well as updates on drivers, software, firmware, and customer replaceable components, proactively in your e-mail through HPE Support Alerts.Sign up for Support Alerts at the following URL:HPE Email Preference CenterNAVIGATION TIP:For hints on navigating HPE.com to locate the latest drivers, patches and other support software downloads, refer to theNavigation Tips document.SEARCH TIP:For hints on locating similar documents on HPE.com, refer to theSearch Tips document.

Affected OS

Operating Systems Affected:VMware ESXi 7.0

Change history

2022-05-27 Added: HPE ProLiant DL360 Gen10 server, HPE ProLiant DL380 Gen10 server, HPE ProLiant DL385 Gen10 server, HPE ProLiant DL580 Gen10 server

Relevant Products

Click on a version to see all relevant bugs

Affected versions:Not Applicable

Fixed versions: No known fixed versions

Relevant Products

Click on a version to see all relevant bugs

Affected versions:Not Applicable

Fixed versions: No known fixed versions

Top Hewlett Packard Enterprise Defects

8.0Defect ID: a00133193en_us
VMware - PSOD May Be Experienced On HPE ProLiant Servers Running VMware ESXi 8.0 / 9.0 When a VM Is Started With an NVIDIA GPU Configured as a PCI Pass-Through Device
7.5Defect ID: a00155860en_us
HPE OneView - Incorrect Locked Alert Is Displayed in the OneView User Interface When "Not Scheduled" Is Used for an Online Firmware Update Option
7.5Defect ID: a00151147en_us
OneView - After Restoring From Backup, the HPE Virtual Connect SE 100Gb F32 Module for Synergy Interconnect May Result in an "AddedWithErrors" State and the Message, "Unable to Claim the Interconnect"
7.5Defect ID: a00150626en_us
HPE OneView - OneView May Fail to Start When Using OneView Remote Support and the Traffic to the HPE Remote Support Backend Is Using SSL Inspection
7.5Defect ID: a00151220en_us
HPE OneView - The "Authentication Failure" SNMP Trap May Be Sent into the Configured SNMPv1 Alert Destination if It Is Configured Directly on HPE iLO

Ready to prevent the next vendor outage?

Get a demo

Hewlett Packard Enterprise - Defect ID: a00124522en_us

HPE Gen10/Gen10 Plus Systems - The Installed NVMe Drives May Fail Authentication and Will Not Be Executed With a Secure Boot Configuration Only in a VMware Environment

Hewlett Packard Enterprise - Defect ID: a00124522en_us

HPE Gen10/Gen10 Plus Systems - The Installed NVMe Drives May Fail Authentication and Will Not Be Executed With a Secure Boot Configuration Only in a VMware Environment

Last updated on May 27th, 2022

BugZero Risk Score5.9 Medium

Bug Details

Summary

Scope

Resolution

Affected OS

Top Hewlett Packard Enterprise Defects

Ready to prevent the next vendor outage?

Links

BugZero Risk Score
5.9 Medium