Important VMware Security Advisory for NETLAB+ Customers

By / October 2, 2015 / , / 0 Comments

Please be aware that VMware has issued several security advisories and patches to address vulnerabilities in VMware vCSA and ESXi.

JMX RMI Vulnerability:

We strongly encourage you to apply the latest patches to the VMware vCSA and ESXi hosts on your NETLAB+ system.

Please see VMware Security Advisory VMSA-2015-0007 for additional details on this vulnerability and which patches are required:

Provided below are two VMware KB articles on how to successfully patch an ESXi host and vCSA respectively:

SSH Vulnerability in ESXi:

SSH is disabled on ESXi hosts by default.  If you have enabled SSH on ESXi hosts, please consider disabling it — it is not required by NETLAB+.  This will help mitigate security vulnerabilities that may arise from older OpenSSH versions. For example, a new vulnerability has been found (CVE-2015-5600) that impacts OpenSSH through version 6.9.  More info on this can be found in the link below: