CVE-2017-4952

Name of the Vulnerable Software and Affected Versions: VMware Xenon versions prior to 1.5.4-CR7 1 VMware Xenon versions prior to 1.5.7 7 VMware Xenon versions prior to 1.5.4-CR6 2 VMware Xenon versions prior to 1.3.7-CR1 2 VMware Xenon versions prior to 1.1.0-CR0-3 VMware Xenon versions prior to 1.1.0-CR3 1 VMware Xenon versions prior to 1.4.2-CR4 1 VMware Xenon versions prior to 1.5.4 8

Description: The issue is due to insufficient access controls for utility endpoints, which may result in information disclosure if successfully exploited.

Recommendations: For versions prior to 1.5.4-CR7 1, update to version 1.5.4-CR7 1 or later. For versions prior to 1.5.7 7, update to version 1.5.7 7 or later. For versions prior to 1.5.4-CR6 2, update to version 1.5.4-CR6 2 or later. For versions prior to 1.3.7-CR1 2, update to version 1.3.7-CR1 2 or later. For versions prior to 1.1.0-CR0-3, update to version 1.1.0-CR0-3 or later. For versions prior to 1.1.0-CR3 1, update to version 1.1.0-CR3 1 or later. For versions prior to 1.4.2-CR4 1, update to version 1.4.2-CR4 1 or later. For versions prior to 1.5.4 8, update to version 1.5.4 8 or later.