VMware vRealizes that vRealize has XSS bugs on Linux

VMware vRealizes that vRealize has XSS bugs on Linux


A tricky Tuesday for VMware’s vRealize products, which have received the first maintenance release for version 7 and also become the subject of a security alert.
Let’s do the alert first, as it explains that several vRealize products have a pair of cross-site-scripting bugs that could compromise a user’s workstation.
The mess means that vRealize Business Advanced and Enterprise 8.x on Linux need a patch, to version 8.2.5. VMware vRealize Automation has a similar problem. This one’s nothing to cancel a good lunch over: it only impacts version 6.x on Linux. Upgrading to version 6.2.4 will sort things out.
In happier news, vRealize Automation is now at version 7.01, a change Virtzilla bills as offering “several new features and enhancements” in addition to the usual housekeeping to be expected in a .01 release.
The new bits include a management agent to automate the installation of Windows components and to collect logs, and an installation Wizard that automates a Minimal or Enterprise installation.

Source: http://www.theregister.co.uk/2016/03/16/vmware_vrealizes_that_vrealize_has_xss_bugs_on_linux/
Submitted by: Arnfried Walbrecht


Comments are closed.