The VMware has released security updates to address a vulnerability affecting multiple VMware products. It is recommended to take the necessary precautions by ensuring your VMware is always updated to avoid remote attackers from exploiting one of these vulnerabilities by taking control of an affected system.
This update has been developed by the VMware vCloud to resolve the Remote Session Hijack vulnerability.
|
Advisory ID: |
VMSA-2019-0004
|
|
Severity: |
Critical
|
|
Synopsis: |
VMware vCloud Director for service providers update resolves a Remote Session Hijack vulnerability.
|
|
Issue date: |
March 08, 2019
|
|
Updated on: |
March 08, 2019 (initial Advisory) |
|
CVE numbers: |
CVE-2019-5523
|
Affected Versions:
|
VMware Product |
Product Version |
Running On |
Severity |
Replace with / apply path |
Mitigation/ workaround |
|
VCD |
9.7x |
Any |
N/A |
Unaffected |
None |
|
VCD |
9.5x |
Any |
Critical |
9.5.0.3 |
None |
|
VCD |
9.1x |
Any |
N/A |
Unaffected |
None |
|
VCD |
9.0x |
Any |
N/A |
Unaffected |
None |
The Guyana National CIRT recommends users and administration to review these updates and to apply them where necessary.
Reference
https://www.vmware.com/security/advisories/VMSA-2019-0004.html