Deserialization of untrusted data

VMware vRealize Automation 7.3 and 7.2 and vSphere Integrated Containers 1.x before 1.3 contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote attackers to execute arbitrary code on the appliance...

CVE-2017-4947

VMware vRealize Automation 7.3 and 7.2 and vSphere Integrated Containers 1.x before 1.3 contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote attackers to execute arbitrary code on the appliance...

CVE-2017-4947

VMware vRealize Automation 7.3 and 7.2 and vSphere Integrated Containers 1.x before 1.3 contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote attackers to execute arbitrary code on the appliance...

CVE-2017-4947

VMware vRealize Automation 7.3 and 7.2 and vSphere Integrated Containers 1.x before 1.3 contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote attackers to execute arbitrary code on the appliance...

CVE-2017-4947

CVE-2017-4947 describes a deserialization vulnerability via Xenon in VMware vRealize Automation (vRA) 7.2/7.3 and VIC 1.x before 1.3, allowing remote code execution on the appliance. Connected documents confirm the affected products/versions and cite mitigation via patches: vRA 7.2/7.3 require up...

VMware vRealize Automation and vSphere Integrated Containers Remote Code Execution Vulnerability

VMware vRealize Automation vRA and vSphere Integrated Containers VIC are both products from VMware. vRealize Automation vRA is a suite of cloud automation software. The software supports automated delivery of personalized infrastructure, deployment across multi-vendor, hybrid cloud infrastructure...

VMware Releases Security Updates

VMware has released security updates to address vulnerabilities in vRealize Automation, vSphere Integrated Containers, and AirWatch Console. An attacker could exploit these vulnerabilities to take control of an affected system. NCCIC/US-CERT encourages users and administrators to review the VMwar...

PT-2018-1080 · Vmware · Vsphere Integrated Containers +2

Name of the Vulnerable Software and Affected Versions: VMware vRealize Automation versions 7.2 through 7.3 vSphere Integrated Containers versions 1.x before 1.3 Description: The issue is caused by a deserialization vulnerability via Xenon, which may allow remote attackers to execute arbitrary cod...

VMSA-2018-0006:vRealize Automation, vSphere Integrated Containers, and AirWatch Console updates address multiple security vulnerabilities

VMSA-2018-0006 vRealize Automation, vSphere Integrated Containers, and AirWatch Console updates address multiple security vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0006 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis:...