OPERATIONAL DEFECT DATABASE
...
...
Scanning tool exposed high vulnerabilities on vSphere Replication appliance 8.3.1.2 with the following python versionsPython 2.7.8 python231 3992718 CVE-2020-8492Python 3.3.6 python231 4487898 CVE-2016-5636Python 3.3.6 python231 4487898 CVE-2018-1000117Python 3.3.6 python231 4487898 CVE-2019-13404Python 3.3.6 python231 4487898 CVE-2020-27619Python 3.4.5 python231 6406850 CVE-2018-1000117Python 3.4.5 python231 6406850 CVE-2019-13404Python 3.4.5 python231 6406850 CVE-2020-27619
vSphere Replication 8.4 has the fix for vulnerabilities exposed and impacting VR 8.3.1.2.After deploying HMS appliance, you can verify the installed package by: # rpm -qa CVE fixed? Resolved Version-------------------------------------------------------------------CVE-2020-8492 fixed 2.7.17-4.ph3CVE-2016-5636 fixed 2.7.12CVE-2018-1000117 notAffected CVE-2019-13404 notAffected This CVE is for windows and does not affect linux. Also this is in disputed state. Hence, marking this as not a bug.CVE-2020-27619 fixed 3.7.5-8.ph3CVE-2018-1000117 notAffected CVE-2019-13404 notAffected This CVE is for windows and does not affect linux. Also this is in a disputed state. Hence, marking this as not a bug.CVE-2020-27619 fixed 3.7.5-8.ph3
Click on a version to see all relevant bugs
VMware Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
