VMware patches third-party components in vSphere platform

Forum|Forum|11 years ago
September 10, 2014
1 reply
12 views

+54

Jasper_The_Rasper
Moderator

Lucian Constantin Sep 10, 2014 VMware has updated third-party libraries and components used by its vSphere server virtualization platform to integrate security patches released in recent months.
The company released vCenter Server 5.5 Update 2 in order to include a patch for a remote code execution vulnerability in the Apache Struts Web framework used inside the product.
The same vCenter Server release updates the Apache Tomcat component to version 7.0.52, originally released in February, which includes fixes for two denial-of-service and one information disclosure vulnerabilities.
Full Article

R

retiredAntus67
Community Guide
Forum|Forum|11 years ago
December 5, 2014

The following article is a update:

VMware Fixes Several Vulnerabilities in vSphere Platform

By Eduard Kovacs on December 05, 2014

VMware has released software updates to address a series of vulnerabilities affecting the company's popular vSphere virtualization platform.
The list of security bugs includes a cross-site scripting (XSS) flaw, a certificate validation issue, and various vulnerabilities affecting third-party libraries. The impacted products are VMware vCenter Server Appliance 5.1 prior to Update 3, VMware vCenter Server 5.5 prior to Update 2, VMware vCenter Server 5.1 prior to Update 3, VMware vCenter Server 5.0 prior to Update 3c, and VMware ESXi 5.1 without the ESXi510-201412101-SG patch, VMware revealed in an advisory published on Thursday.

full article

Like

VMware Fixes Several Vulnerabilities in vSphere Platform

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded