VMware has released an update to its vSphere Client which addresses a potential – but hard to target – man-in-the-middle vulnerability for the virtualization tool.
The company said that users running vSphere Client 4.0, 4.1, 5.0, and 5.1 for Windows were vulnerable to a flaw that allows the client to download and install untrusted updates. Were an attacker to exploit the flaw, VMware said that users could be subject to remote code execution attacks via a malicious link or redirect.
Systems running vSphere Client 5.5 are not vulnerable to the flaw.
Full Article
Thanks for the info!
Mike
Mike
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.