
Published on July 3rd, 2019 | 3703 Views


VMware vCenter Vulnerability | DDOS Attack | CVE-2019-11477 | CVE-2019-11478




VMware disclosed several vulnerabilities in vCenter (CVE-2019-11477, CVE-2019-11478) that can lead to a denial of service (DoS) attack. With Lansweeper you can find all vulnerable vCenter servers in your network that need to be updated. Read more: https://www.lansweeper.com/vulnerability/two-vmware-vcenter-ddos-vulnerabilities-fixed/

These vulnerabilities can lead to a denial of service attack causing your network's performance to degrade or crash altogether.

VMware's security advisory lists the following two vulnerabilities which affect a variety of VMware products:

CVE-2019-11477 - SACK Panic - A sequence of SACKs may be crafted such that one can trigger an integer overflow, leading to a kernel panic. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.5.

CVE-2019-11478 - SACK Excess Resource Usage - A crafted sequence of SACKs will fragment the TCP retransmission queue, causing resource exhaustion. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.

An attacker needs access to an affected system and must be able to send traffic to it before being able to exploit the vulnerability. If an attacker is able to exploit the vulnerability, your network will experience issues similar to a conventional denial of service attack: its performance will suffer significantly or it will go down altogether, preventing anyone in your environment from using it.

Discover Outdated vCenter Servers
Download our free report: https://www.lansweeper.com/report/vcenter-ddos-vulnerability-audit/





Lansweeper retrieves detailed information from vCenter servers and the virtual environments they manage. With the custom color-coded vulnerability audit, you can tell in no time which vCenter servers have an outdated build and need to be patched as soon as possible. The specific patches for your vCenter server appliance can be found in the response matrix of the VMware security advisory.

If you haven't already, start your free Lansweeper trial and get a report of all vulnerable devices in no time. Start your free trial today ► https://www.lansweeper.com/download

Lansweeper enables you to manage your entire IT network, saving an incredible amount of time by automating key tasks. It features best-in-class, fully automatic asset scanning and network inventory software to keep you on top of your IT environment.

Recommended by sysadmins all over the world, download your Lansweeper free trial today and start managing your IT assets the right way.

Useful Links
Website ► https://www.lansweeper.com/
Knowledgebase ► https://www.lansweeper.com/kb/
Forum ► https://www.lansweeper.com/forum/
Blog ► https://www.lansweeper.com/blog/

Let’s Connect
Facebook ► https://www.facebook.com/lansweeper.network.inventory
Twitter ► https://twitter.com/lansweeper
Linkedin ► https://www.linkedin.com/company/lansweeper-bvba/
Contact ► Sales@lansweeper.com


2019-07-03 16:22:06
