Release date: December 19, 2017
Patch Category | Security |
Patch Severity | Important |
Host Reboot Required | No |
Virtual Machine Migration or Shutdown Required | No |
Affected Hardware | N/A |
Affected Software | N/A |
VIBs Included |
|
PRs Fixed | 1978164 |
Related CVE numbers | CVE-2017-4940 |
This patch updates the esx-ui VIB to resolve the following issue:
This release resolves a vulnerability in the ESXi Embedded Host Client that might allow for stored cross-site scripting (XSS). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2017-4940 to this issue.