Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Two VMWare Security Updates for vCloud Automation Center and Airwatch SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Two VMWare Security Updates for vCloud Automation Center and Airwatch

We got two security updates from VMWare this week:

VMWare ID CVE Product Details
VMSA-2014-0013 CVE-2014-8373 VMware vCloud Automation Center Remote privilege escalation vulnerability. Authenticated remote users may obtain administrative privileges. Mitigated by turning off "Connect (by) Using VMRC"
VMSA-2014-0014 CVE-2014-8372 AirWatch A direct object reference vulnerability allows users to see each others information.

 

VMSA-2014-0013 (CVE: http://www.vmware.com/security/advisories/VMSA-2014-0013.html

 

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

I will be teaching next: Defending Web Applications Security Essentials - SANS Cyber Security West: March 2021

 Johannes

4069 Posts
ISC Handler
Dec 10th 2014
Thread locked Subscribe Dec 10th 2014
6 years ago

Sign Up for Free or Log In to start participating in the conversation!