VMware Products Information Disclosure Vulnerability

Last Update Date: 30 Oct 2018 Release Date: 15 Aug 2018 3700 Views

RISK: Medium Risk

TYPE: Operating Systems - VM Ware

A vulnerability was identified in VMware Products. A remote attacker could exlpoit this vulnerability to disclose sensitive information on the targeted system.
.

Impact

Information Disclosure

System / Technologies affected

vCenter Server (VC) 5.5, 6.0, 6.5, 6.7
vSphere ESXi (ESXi) 5.5, 6.0, 6.5, 6.7
Workstation Pro / Player (WS) 14.x
Fusion Pro / Fusion (Fusion) 10.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Update to version:

vCenter Server (VC) 5.5u3j, 6.0u3h, 6.5u2c, 6.7.0d
vSphere ESXi (ESXi) ESXi550-201808401-BG, ESXi550-201808402-BG, ESXi550-201808403-BG, ESXi600-201808401-BG, ESXi600-201808402-BG, ESXi600-201808403-BG, ESXi650-201808401-BG, ESXi650-201808402-BG, ESXi650-201808403-BG, ESXi670-201808401-BG, ESXi670-201808402-BG, ESXi670-201808403-BG
Workstation Pro / Player (WS) 14.1.3
Fusion Pro / Fusion (Fusion) 10.1.3

For more information, you may refer to: https://www.vmware.com/security/advisories/VMSA-2018-0020.html

Vulnerability Identifier

CVE-2018-6957

Source

US-CERT