Smarts NCM: Jboss security vulnerabilities - CVE-2012-0874, CVE-2013-4810
search cancel

Smarts NCM: Jboss security vulnerabilities - CVE-2012-0874, CVE-2013-4810

book

Article ID: 331229

calendar_today

Updated On:

Products

VMware Smart Assurance

Issue/Introduction

Symptoms:


Security vulnerability in Smarts NCM

We have a Vulnerability reported on Smarts NCM server.
Vulnerability Affected - JBoss EJBInvokerServlet / JMXInvokerServlet Marshalled Object Remote Code Execution. 
CVE - CVE-2012-0874 
Priority   High

Environment

VMware Smart Assurance - NCM

Resolution

The remediation/fix to these vulnerabilities will be available in Patch 2 of NCM 9.2.2a suite. Patch 2 is scheduled to be released by June 2014.