Tuesday, April 18, 2017

VCSA 6.5.0c is Out!

VMware just released a new version and patch for their VCSA 6.5 vCenter Server Appliance.
6.5.0c addresses the Apache BlazeDS security vulnerability.

Resolved Issues

VMware vCenter Server contains a remote code execution vulnerability due the use of BlazeDS to process AMF3 messages. This issue may be exploited to execute arbitrary code when deserializing an untrusted Java object. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-5641 to this issue.

The new build is:
Name: VMware-VCSA-all-6.5.0-5318112.iso
Release Date: 2017-04-13
Build Number: 5318112

The new patch is:

No comments:

Post a Comment

Thanks for your comment!