VMware Security Updates For VCenter Server (VMSA-2014-0006) Network Vulnerability

Summary

VMware product updates address OpenSSL security vulnerabilities.

Solution

Apply the missing patch(es).

Insight

a. OpenSSL update for multiple products. OpenSSL libraries have been updated in multiple products to versions 0.9.8za and 1.0.1h in order to resolve multiple security issues.

Affected

vCenter prior to 5.5u1b vCenter prior to 5.1U2a vCenter prior to 5.0U3a

Detection

Check the build number

References

http://www.vmware.com/security/advisories/VMSA-2014-0006.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-5298, CVE-2014-0198, CVE-2014-0224, CVE-2014-3470

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe Reader Plugin Signature Bypass Vulnerability (Linux)
Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Windows)
Adobe Reader Plugin Signature Bypass Vulnerability (Mac OS X)
Adobe Reader Unspecified Vulnerability (Windows)
Apple Safari Multiple Memory Corruption Vulnerabilities-02 Apr14 (Mac OS X)

VMware Security Updates for vCenter Server (VMSA-2014-0006)

Take action and discover your vulnerabilities