
Two VMware vCenter DDOS Vulnerabilities Fixed

2 min. read
03/07/2019
By Esben Dochy

VMware has released a new security advisory (VMSA-2019-0010) detailing two Linux kernel vulnerabilities in TCP Selective Acknowledgment (SACK) handling (CVE-2019-11477, CVE-2019-11478). Both can be exploited for denial of service, degrading the network performance of the affected system or crashing it altogether.

VMware’s security advisory lists the following two vulnerabilities which affect a variety of VMware products:

  • CVE-2019-11477 – SACK Panic – A sequence of SACKs may be crafted such that it triggers an integer overflow, leading to a kernel panic. VMware has evaluated the severity of this issue to be in the Important severity range, with a maximum CVSSv3 base score of 7.5.
  • CVE-2019-11478 – SACK Excess Resource Usage – A crafted sequence of SACKs fragments the TCP retransmission queue, causing resource exhaustion. VMware has evaluated the severity of this issue to be in the Moderate severity range, with a maximum CVSSv3 base score of 5.3.

To exploit either vulnerability, an attacker needs network access to an affected system, i.e. the ability to send TCP traffic to it. If exploitation succeeds, your network will experience issues similar to a conventional denial of service attack: performance suffers significantly or the system goes down altogether, preventing anyone in your environment from using it.

Discover Outdated vCenter Servers

Lansweeper retrieves detailed information from vCenter servers and the virtual environments they manage. With the custom color-coded vulnerability audit, you can see in no time which vCenter servers are running an outdated build and need to be patched as soon as possible. The specific patches for your vCenter Server Appliance are listed in the response matrix of the VMware security advisory.


If you haven’t already, start your free Lansweeper trial and get a report of all vulnerable devices in no time.