VMware Product Vulnerability (CVE-2017-5638)

A security vulnerability has been discovered in some VMware products (CVE-2017-5638). It’s a critical vulnerability which allows remote code execution (RCE) on Apache Struts 2.

The vulnerability affects the following VMware products:
– DaaS 6.X / 7.X
– Hyperic 5.X
– vCenter 5.5 / 6.0 / 6.5
– vROPS 6.X

A advise page for this vulnerability has been made available by VMware and can be found below.

Links:
– Information about: CVE-2017-5638
– VMware security advisories for VMSA-2017-0004

Leave a Reply

Your email address will not be published. Required fields are marked *