VMware, Xen Issue Urgent Patches

It’s going to be a virtual Christmas for virtualisation admins. VMware has let it be known that its vRealize Orchestrator, vRealize Operations, vCenter Operations and vCenter Application Discovery Manager products all need fixing to harden them against “a critical deserialization vulnerability”.

The flaw involves “Apache Commons-collections and a specially constructed chain of classes” and can result in “result in remote code execution, with the permissions of the application using the Commons-collections library.”

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Achieving Log Centralization and Analysis with Open Source SIEM and XDR: UTMStack

RELATED ARTICLES MORE FROM AUTHOR