VMware patches third-party components in vSphere platform

9 years ago
10 September 2014
1 reply
11 views

Userlevel 7

+54

Jasper_The_Rasper
Moderator
10618 replies

Lucian Constantin Sep 10, 2014 VMware has updated third-party libraries and components used by its vSphere server virtualization platform to integrate security patches released in recent months.
The company released vCenter Server 5.5 Update 2 in order to include a patch for a remote code execution vulnerability in the Apache Struts Web framework used inside the product.
The same vCenter Server release updates the Apache Tomcat component to version 7.0.52, originally released in February, which includes fixes for two denial-of-service and one information disclosure vulnerabilities.
Full Article

1 reply

Userlevel 7

retiredAntus67
Community Guide
5988 replies
9 years ago
5 December 2014

The following article is a update:

VMware Fixes Several Vulnerabilities in vSphere Platform

By Eduard Kovacs on December 05, 2014

VMware has released software updates to address a series of vulnerabilities affecting the company's popular vSphere virtualization platform.
The list of security bugs includes a cross-site scripting (XSS) flaw, a certificate validation issue, and various vulnerabilities affecting third-party libraries. The impacted products are VMware vCenter Server Appliance 5.1 prior to Update 3, VMware vCenter Server 5.5 prior to Update 2, VMware vCenter Server 5.1 prior to Update 3, VMware vCenter Server 5.0 prior to Update 3c, and VMware ESXi 5.1 without the ESXi510-201412101-SG patch, VMware revealed in an advisory published on Thursday.

full article

Reply

We have recently updated our Privacy Policies. We encourage you to read the full terms here.

VMware Fixes Several Vulnerabilities in vSphere Platform

Reply

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded