VMware vCenter Server Multiple Java Vulnerabilities (VMSA-2015-0003) (POODLE)
Critical Nessus Plugin ID 83186
Synopsis
The remote host has a virtualization management application installed that is affected by multiple vulnerabilities.
Description
The VMware vCenter Server installed on the remote host is version 5.0 prior to 5.0u3d, 5.1 prior to 5.1u3a, 5.5 prior to 5.5u2e, or 6.0 prior to 6.0.0a. It is, therefore, affected by a man-in-the-middle (MitM) information disclosure vulnerability known as POODLE, related to the bundled JRE component. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a ciphertext in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.
Additionally, multiple unspecified vulnerabilities also exist in the following bundled JRE components:
- 2D (CVE-2014-6585, CVE-2014-6591)
- Deployment (CVE-2015-0403, CVE-2015-0406)
- Hotspot (CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0437)
- Installation (CVE-2015-0421)
- JAX-WS (CVE-2015-0412)
- JSSE (CVE-2014-6593)
- Libraries (CVE-2014-6549, CVE-2014-6587, CVE-2015-0400)
- RMI (CVE-2015-0408)
- Security (CVE-2015-0410)
- Serviceability (CVE-2015-0413)
- Swing (CVE-2015-0407)
Solution
Upgrade to VMware vCenter Server 5.0u3d (5.0.0 build-2656067) / 5.1u3a (5.1.0 build-2669725) / 5.5u2e (5.5.0 build-2646482) / 6.0.0a (6.0.0 build-2656757) or later.
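An added example (not Tenable's plugin code) that turns the fixed builds listed above into an inventory check; it assumes version strings in the "5.5.0 build-2646482" form used in the Solution text, and a constructed host inventory. Build numbers are only comparable within a release line, which is why the check is keyed by line rather than by raw build.

```python
import re

# Fixed builds from VMSA-2015-0003 as listed in this plugin's Solution text,
# keyed by vCenter release line (major.minor.patch).
FIXED_BUILDS = {
    "5.0.0": 2656067,  # 5.0u3d
    "5.1.0": 2669725,  # 5.1u3a
    "5.5.0": 2646482,  # 5.5u2e
    "6.0.0": 2656757,  # 6.0.0a
}

# Assumed input format, e.g. "5.5.0 build-2646482".
_VERSION_RE = re.compile(r"^(\d+\.\d+\.\d+)\s+build-(\d+)$")


def parse_version(version_string):
    """Parse '5.5.0 build-2646482' into ('5.5.0', 2646482); None if malformed."""
    m = _VERSION_RE.match(version_string.strip())
    if not m:
        return None
    return m.group(1), int(m.group(2))


def is_affected(version_string):
    """True if the build predates the fixed build for its release line.

    Builds are compared per line only: 5.5's fixed build (2646482) is lower
    than 5.0's (2656067), so a cross-line numeric comparison would be wrong.
    A line the advisory does not list returns None (unknown), not False.
    """
    parsed = parse_version(version_string)
    if parsed is None:
        raise ValueError("unrecognised vCenter version string: %r" % version_string)
    line, build = parsed
    fixed = FIXED_BUILDS.get(line)
    if fixed is None:
        return None
    return build < fixed


def affected_hosts(inventory):
    """inventory: iterable of (hostname, version_string). Returns affected hostnames."""
    return [host for host, ver in inventory if is_affected(ver)]


# Constructed sample inventory; build numbers below the fixed ones are made up.
SAMPLE_INVENTORY = [
    ("vc-prod-01", "5.5.0 build-2646482"),   # exactly the fixed build
    ("vc-prod-02", "5.5.0 build-2001234"),   # constructed older build
    ("vc-lab-01", "5.0.0 build-2656066"),    # one build before the fix
    ("vc-legacy", "4.1.0 build-1000000"),    # line not covered by this advisory
]
```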