Two VMWare Security Updates for vCloud Automation Center and Airwatch

Published: 2014-12-10
Last Updated: 2014-12-10 19:04:44 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)

We got two security updates from VMWare this week:

VMWare ID CVE Product Details
VMSA-2014-0013 CVE-2014-8373 VMware vCloud Automation Center Remote privilege escalation vulnerability. Authenticated remote users may obtain administrative privileges. Mitigated by turning off "Connect (by) Using VMRC"
VMSA-2014-0014 CVE-2014-8372 AirWatch A direct object reference vulnerability allows users to see each others information.

 

VMSA-2014-0013 (CVE: http://www.vmware.com/security/advisories/VMSA-2014-0013.html

 

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

Keywords:
0 comment(s)

Comments


Diary Archives