Rewterz Threat Advisory – CVE-2019-5528 – VMware ESXi hostd Denial of Service Vulnerability

Negligent Employees And Their Vulnerability to Social Engineering

July 11, 2019

Rewterz Threat Advisory – CVE-2019-10639 – Linux Kernel “net_hash_mix()” Information Disclosure Vulnerability

July 11, 2019

Rewterz Threat Advisory – CVE-2019-5528 – VMware ESXi hostd Denial of Service Vulnerability

Severity

Medium

Analysis Summary

An error related to handling multiple failed login attempts can be exploited to cause the hostd service to become unresponsive and subsequently cause a DoS condition for management functionality.

Impact

Denial of Service

Affected Vendors

VMWare

Affected Products

VMware ESXi versions 6.5 and 6.7

Remediation

Update to a fixed version if available.

Versions 6.5: Update to version ESXi650-201907201-UG.

Versions 6.7: No official solution is currently available.

Negligent Employees And Their Vulnerability to Social Engineering

Rewterz Threat Advisory – CVE-2019-10639 – Linux Kernel “net_hash_mix()” Information Disclosure Vulnerability

Rewterz Threat Advisory – CVE-2019-5528 – VMware ESXi hostd Denial of Service Vulnerability

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan