Merhaba, yeni yılın ilk güvenlik açığı duyurusu yapıldı 😀
VMware Workstation, Fusion ve ESX-i hypervisor’ü etkileyen heap-overflow zafiyeti duyuruldu. (CVE-2021-22045) puanı CVSSv3 7.7 (important).
Etkilenen ürünler;
- VMware ESXi
- VMware Workstation
- VMware Fusion
- VMware Cloud Foundation
Çözüm için yayınlanan response matrix aşağıdaki gibidir.
Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
ESXi | 7.0 | Any | CVE-2021-22045 | 7.7 | Important | Patch Pending | KB87249 | None |
ESXi | 6.7 | Any | CVE-2021-22045 | 7.7 | Important | ESXi670-202111101-SG | KB87249 | None |
ESXi | 6.5 | Any | CVE-2021-22045 | 7.7 | Important | ESXi650-202110101-SG | KB87249 | None |
Workstation | 16.x | Any | CVE-2021-22045 | 7.7 | Important | 16.2.0 | KB87206 | None |
Fusion | 12.x | OS X | CVE-2021-22045 | 7.7 | Important | 12.2.0 | KB87207 | None |
Impacted Product Suites that Deploy Response Matrix Components:
Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
VMware Cloud Foundation (ESXi) | 4.x | Any | CVE-2021-22045 | 7.7 | Important | Patch Pending | KB87249 | None |
VMware Cloud Foundation (ESXi) | 3.x | Any | CVE-2021-22045 | 7.7 | Important | Patch Pending | KB87249 | None |
İyi fixlemeler , ilgili security advisory sayfası için tıklayınız.