VMware Issues Patches for Vulnerabilities in ThinApp, ESXi

49
VMware Issues Patches for Vulnerabilities in ThinApp

Patches for vulnerabilities in VMware’s ThinApp application virtualization tool, ESXi hypervisor, and Cloud Foundation hybrid cloud platform are now available.

CVE-2021-21994, the most serious of these flaws, is an incorrect authentication problem in SFCB, which is used in ESXi. The bug has a CVSS score of 7.0, which indicates that it is critical.

A hostile actor with network access to port 5989 on ESXi might send a specially designed request to bypass SFCB authentication, according to VMware. Only if the SFCB service is running, the vulnerability can be exploited. The service, however, is disabled by default

To Read More: securityweek 

For more such updates follow us on Google News ITsecuritywire News