漏洞类别:VMware
漏洞等级: 
漏洞信息
VMware vCenter is the centralized management tool for the vSphere suite. The target is missing Update 3a, which resolve the following security issue:
VMware product updates resolve remote code execution vulnerability via Apache Struts 2
漏洞危害
Depending on the vulnerability being exploited, an unauthenticated remote attacker could execute code on the vCenter host.
解决方案
For vCenter Server, upgrade to vCenter Server 6.0 U3a and KB2149434 or apply the latest VMware vCenter Server build.
Refer to VMSA-2017-0004 for further details.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论