VMware NSX Edge Information Disclosure (VMSA-2016-0007)
Medium Nessus Plugin ID 95260
SynopsisThe remote host is affected by an information disclosure vulnerability.
DescriptionThe version of VMware NSX Edge installed on the remote host is 6.1.x prior to 6.1.7 or 6.2.x prior to 6.2.3. It is, therefore, affected by a flaw in the SSL-VPN feature due to improper validation of input. An unauthenticated, remote attacker can exploit this to disclose potentially sensitive information. Note that this issue only applies when SSL-VPN is enabled.
SolutionUpgrade to VMware NSX Edge version 6.1.7 / 6.2.3 or later.