NSX Bytes: Critical Update for NSX-v and vCNS
Most vCloud Director based instances won’t have the SSL-VPN enabled due to it not being exposed through the vCD UI however some Service Providers may offer this as a managed service as it’s one of the strongest features of the Edge Gateways. The issue detailed in the CVE is summarized below.
VMware NSX and vCNS with SSL-VPN enabled contain a critical input validation vulnerability. This issue may allow a remote attacker to gain access to sensitive information.
In a nutshell you need to upgrade an existing version of NSX-v or vCNS to the version below. As per usual if you have the entitlements go ahead and download the updates from the links below.
- NSX Edge: 6.2 -> 6.2.3
- NSX Edge: 6.1 -> 6.1.7
- vCNS Edge: 5.5 -> 220.127.116.11
NSX-v Downloads: https://www.vmware.com/go/download-nsx-vsphere
vCNS Downloads: https://www.vmware.com/go/download-vcd-ns