VMware on Saturday reissued a patch from October that incompletely addressed a critically rated remote code execution vulnerability in vCenter Server.
The original vulnerability, CVE-2015-2342, was a poorly configured JMX RMI service in vCenter Server that was remotely accessible. The flaw allowed unauthenticated attackers connect to the service and use it to run code on the server; versions 5.5, 5.1 and 5.0 are affected, VMware said. VCenter Server is used by organizations to manage their virtual server environments.
Fridayโs advisory from VMware said that the original patch for CVE-2015-2342 was incomplete, and an additional patch is required.
VMware said that Windows Firewall mitigates the vulnerability as well.
โEven if the Windows Firewall is enabled, users are advised to install the additional patch in order to remove the local privilege elevation,โ VMware said.
The original update also patched a remote code execution double free vulnerability in VMware ESXi OpenSLPโs SLPDProcessMessage() function, and a denial-of-service flaw in vCenter Serverโs vpxd. The server did not sanitize long heartbeat messages, which allowed unauthenticated attackers to crash the server.