vSphere Replication 8.4 has the fix for vulnerabilities exposed and impacting VR 8.3.1.2.
After deploying HMS appliance, you can verify the installed package by:
# rpm -qa
CVE fixed? Resolved Version ------------------------------------------------------------------- CVE-2020-8492 fixed 2.7.17-4.ph3 CVE-2016-5636 fixed 2.7.12 CVE-2018-1000117 notAffected CVE-2019-13404 notAffected This CVE is for windows and does not affect linux. Also this is in disputed state. Hence, marking this as not a bug. CVE-2020-27619 fixed 3.7.5-8.ph3 CVE-2018-1000117 notAffected CVE-2019-13404 notAffected This CVE is for windows and does not affect linux. Also this is in a disputed state. Hence, marking this as not a bug. CVE-2020-27619 fixed 3.7.5-8.ph3