Operational Defect Database
BugZero found this defect 123 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
Hewlett Packard Enterprise | a00129966en_us
Advisory: (Revision) HPE MR Storage Administrator (MRSA) - Remote Access is Not Supported by Default Due to Security Concerns
Last update date:
1/24/2024
Affected products:
HPE MR Gen10 Plus Controllers
HPE Smart Array P824i-p Controller
Affected releases:
No affected releases provided.
Fixed releases:
No fixed releases provided.
Description:
Info
Document Version Release Date Details 2 January 18, 2024 Added the version of MRSA that resolves this issue and provided links for published components in the Resolution section. 1 February 8, 2023 Original Document Release. Remote access to HPE MR Storage Administrator (MRSA) can be used to control and monitor HPE MegaRAID (MR) controllers when the firewall of the operating system is disabled. IMPORTANT : If an unauthorized user changes the setting of the server via remote access, either accidentally or on purpose, it could cause unexpected results and possible data loss.
Scope
HPE MR Storage Administrator (MRSA) version 3.114.0.0 (or later) with the following Storage controllers: HPE MR216i-a Gen10 Plus x16 Lanes without Cache NVMe/SAS 12G Controller (P26325-B21) HPE MR216i-p Gen10 Plus x16 Lanes without Cache NVMe/SAS 12G Controller(P26324-B21) HPE MR416i-a Gen10 Plus x16 Lanes 4GB Cache NVMe/SAS 12G Controller (P26279-B21) HPE MR416i-p Gen10 Plus x16 Lanes 4GB Cache NVMe/SAS 12G Controller (P06367-B21) HPE MR216i-o Gen11 x16 Lanes without Cache OCP SPDM Storage Controller (P47789-B21) HPE MR216i-p Gen11 x16 Lanes without Cache PCI SPDM Plug-in Storage Controller (P47785-B21) HPE MR408i-o Gen11 x8 Lanes 4GB Cache OCP SPDM Storage Controller (P58335-B21) HPE MR416i-o Gen11 x16 Lanes 8GB Cache OCP SPDM Storage Controller (P47781-B21) HPE MR416i-p Gen11 x16 Lanes 8GB Cache PCI SPDM Plug-in Storage Controller (P47777-B21) HPE Smart Array P824i-p Controller
Resolution
This issue is resolved in HPE MegaRAID Storage Administrator (MRSA) for Linux 64-bit in HPE MRSA Gen11 and Gen10 Plus Controllers as follows: Download Linux : HPE MRSA for Gen10 Plus and Gen11 Controllers v8.4.16.0(B) (or later) Windows: HPE MRSA for Gen10 Plus and Gen11 Controllers v8.4.16.0(B) (or later) Workaround NOTE:Remote access to MRSA is no longer supported as of April 2023. IMPORTANT: HPE strongly recommends not to use the remote access function. Instead, enable the firewall on the server operating system to prevent insecure remote access. If remote access is absolutely required, disable the firewall. Setting the bypass_authentication to zero (0) in LSA.conf means that authentication is enabled, and you can remote in with your account and password. Once the firewall is disabled, you can securely enable HPE MRSA authentication. The account and password for authentication is the same as the one used for the Windows/Linux OS. Remote access MRSA safely Set bypass_authentication = 0 in LSA.conf Disable firewall Cannot remote access MRSA Set bypass_authentication = 1 in LSA.conf (default)> Enable firewall (default) For a Linux system: Set bypass_authentication = 0 in /opt/HPEMRSA/LSIStorageAuthority/conf/LSA.conf Restart the system, or restart HPE MRSA and run /etc/init.d/LsiSASH restart For a Windows system: Set " bypass_authentication = 0 " in C:\Program Files\HPEMRSA\LSIStorageAuthority\conf/LSA.conf Press WIN+R and enter services.msc into the search box to open the Windows Service. Find the LSA Service to restart. To apply the configuration file change settings, restart the system/service. RECEIVE PROACTIVE UPDATES : Receive support alerts (such as Customer Advisories), as well as updates on drivers, software, firmware, and customer replaceable components, proactively in your e-mail through HPE Support Alerts. Sign up for Support Alerts at the following URL: HPE Email Preference Center NAVIGATION TIP : For hints on navigating HPE.com to locate the latest drivers, patches and other support software downloads, refer to the Navigation Tips document. SEARCH TIP : For hints on locating similar documents on HPE.com, refer to the Search Tips document.
