VMware ESXi and ESX security update for third party library

2013-03-2800:00:00

www.vmware.com

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.05 Low

EPSS

Percentile

92.7%

JSON

a. Update to ESX/ESXi libxml2 userworld and service console.

The ESX/ESXi userworld libxml2 library has been updated to resolve a security issue. Also, the ESX service console libxml2 packages are updated to the following versions:

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-5134 to this issue.

Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

CPENameOperatorVersion
esxiltESXi510-201304101-SG
esxiltESXi500-201303101-SG
esxiltESXi410-201304401-SG
esxiltESXi400-201305401-SG
esxltESX410-201304401-SG
esxltESX400-201305404-SG

Name	Operator	Version
esxi	lt	ESXi510-201304101-SG
esxi	lt	ESXi500-201303101-SG
esxi	lt	ESXi410-201304401-SG
esxi	lt	ESXi400-201305401-SG
esx	lt	ESX410-201304401-SG
esx	lt	ESX400-201305404-SG