Lucene search
VMwareVMSA-2018-0006HistoryJan 26, 2018 - 12:00 a.m.
vRealize Automation, vSphere Integrated Containers, and AirWatch Console updates address multiple security vulnerabilities
2018-01-2600:00:00
www.vmware.com
556
EPSS
0.035
Percentile
91.6%
a. vRealize Automation and vSphere Integrated Containers deserialization vulnerability via Xenon
vRealize Automation and vSphere Integrated Containers contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote attackers to execute arbitrary code on the appliance.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-4947 to this issue.
Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.
Related
nessus
nessus
VMware vRealize Automation Deserialization Vulnerability (VMSA-2018-0006)
2018-02-06 00:00:00
VMware AirWatch Console 9.1.x < 9.1.5 / 9.2.x < 9.2.2 XSRF
2018-02-02 00:00:00
prion
prion
Cross site request forgery (csrf)
2018-01-29 16:29:00
Deserialization of untrusted data
2018-01-29 16:29:00
cvelist
cvelist
CVE-2017-4951
2018-01-29 16:00:00
CVE-2017-4947
2018-01-29 16:00:00
nvd
nvd
CVE-2017-4951
2018-01-29 16:29:00
CVE-2017-4947
2018-01-29 16:29:00
cve
cve
CVE-2017-4951
2018-01-29 16:29:00
CVE-2017-4947
2018-01-29 16:29:00
veracode
veracode
Remote Code Execution (RCE)
2018-01-29 04:55:16