 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.140101 |
| Category: | General |
| Title: | VMware ESXi updates address a cross-site scripting issue (VMSA-2016-003) - Remote Version Check |
| Summary: | VMware ESXi updates address a critical glibc security vulnerability |
| Description: | Summary: VMware ESXi updates address a critical glibc security vulnerability Vulnerability Insight: The ESXi Host Client contains a vulnerability that may allow for stored cross-site scripting (XSS). The issue can be introduced by an attacker that has permission to manage virtual machines through ESXi Host Client or by tricking the vSphere administrator to import a specially crafted VM. The issue may be triggered on the system from where ESXi Host Client is used to manage the specially crafted VM. Affected Software/OS: - ESXi 6.0 without patch ESXi600-201611102-SG - ESXi 5.5 without patch ESXi550-201612102-SG Solution: Apply the missing patch(es). CVSS Score: 3.5 CVSS Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-7463 BugTraq ID: 94998 http://www.securityfocus.com/bid/94998 http://www.securitytracker.com/id/1037501 |
| Copyright | Copyright (C) 2016 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |