Security Threat | VMware Virtual Appliances OS

Subscribe to the blog to receive the latest articles

VMware has announced this security advisory on 29/11/2018.

Advisory ID: VMSA-2018-0021

Severity:       Moderate

CVENUmber : CVE-2018-3620

Symptoms: OS vulnerability in VMware Virtual Appliances.


Affected products:

  • vCloud Usage Meter (UM)
  • Identity Manager (vIDM)
  • vCenter Server Appliance (vCSA)
  • vSphere Data Protection (VDP)
  • vSphere Integrated Containers (VIC)
  • vRealize Automation (vRA)

Problem Description:

VMware Virtual Appliance Mitigations address L1 Terminal Fault – OS vulnerability. Successful exploitation of this issue may lead to local information disclosure of sensitive information. Unaffected products lines are documented in KB55807.
The Common Vulnerabilities and Exposures project ( has assigned the identifier CVE-2018-3620 to this issue.


Apply the relevant patch to the product you have.


Download links

vCenter Server Appliance 6.7u1
Downloads and Documentation:

vCenter Server Appliance 6.5u2d
Downloads and Documentation: 

vSphere Integrated Containers 1.4.3
Downloads and Documentation:

vRealize Automation 7.5.0
Downloads and Documentation:


For more information visit the advisory VMSA-2018-0021 page.






Leave a Reply

%d bloggers like this: