VMware Security Updates For VCenter Server (VMSA-2014-0006) Network Vulnerability

Summary

VMware product updates address OpenSSL security vulnerabilities.

Solution

Apply the missing patch(es).

Insight

a. OpenSSL update for multiple products. OpenSSL libraries have been updated in multiple products to versions 0.9.8za and 1.0.1h in order to resolve multiple security issues.

Affected

vCenter prior to 5.5u1b vCenter prior to 5.1U2a vCenter prior to 5.0U3a

Detection

Check the build number

References

http://www.vmware.com/security/advisories/VMSA-2014-0006.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-5298, CVE-2014-0198, CVE-2014-0224, CVE-2014-3470

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe LiveCycle Designer Untrusted Search Path Vulnerability (Windows)
Apple Safari Webkit Multiple Vulnerabilities - May13 (Mac OS X)
Apple Mac OS X Authentication Bypass Vulnerability
Adobe Flash Player Unspecified Cross-Site Scripting Vulnerability June-2011 (Linux)
Adobe Reader 'SWF' Information Disclosure Vulnerability (Windows)

VMware Security Updates for vCenter Server (VMSA-2014-0006)

Take action and discover your vulnerabilities