Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
327
Views
0
Helpful
2
Replies

VMWare Vulnerabilities

Javier Cuadros
Level 1
Level 1

‎02-18-2015 08:14 AM - last edited on ‎03-25-2019 07:04 PM by Community Manager

Hi Experts,

 

Actually i'm woking on a BE6k installation and everything is ok but security on VMWare. Customer did a security analysis on all machinnes and found varoius vulnerabilities on VMWare ESXi 5.1, as the report says VMSA-2015-0001 ESXi Multiple Vulnerabilities, Man In The Middle SSL/TLS from Openssl, VMSA-2014-0002, VMSA-2014-0005, VMSA-2014-0006, VMSA-2014-0008, VMSA-2014-0012 among others. my question is, do i can download a regular VMWare patch upgrade and install it with no problems? or i need to search on cisco downloads any special cisco patch for vmware? anyone can help me finding the rigth way please?

 

thanks.

Labels:
0 Helpful
2 Replies 2

Manish Gogna
Cisco Employee
Cisco Employee

‎02-18-2015 09:25 PM

Hi Javier,

You can open a TAC case with the Server Virtualization team of Cisco , they should be able to guide you on this.

HTH

Manish

0 Helpful

Javier Cuadros
Level 1
Level 1

‎02-19-2015 08:11 AM

Hi,

 

I want to share my experience since i already figured out how to solve it.

On the following link:

http://docwiki.cisco.com/wiki/Unified_Communications_VMware_Requirements

Cisco is clear answering my question:

Supported Versions, Patches and Updates of VMware vSphere ESXi

ESXi Major/Minor Versions, Maintenance Versions and Patches/Updates

  • Cisco Collaboration apps will explicitly indicate which Major/Minor versions they support (e.g. ESXi 4.0, 4.1, 5.0, 5.1, 5.5).  There is no "or later" ... unlisted versions are not tested/supported.
  • With a particular supported major/minor version (such as ESXi 5.1)...
  • A Cisco Collaboration app will only specifiy a minimum maintenance release (e.g. 5.1 U1) if required by its guest OS or for hardware compatibility.
  • A Cisco Collaboration app will only specify a MAXIMUM maintenance release if there are known incompatibilitites.  To date this has never been the case, so if the hardware vendor supports it, it is allowed even if unlisted.  Cisco recommendation is to use the latest Maintenance release supported by the hardware vendor.
  •  

So i proceed to download the VMWare patch from 5.1.0 to 5.1U3 and successfully applied. now the customer is validating security vulnerabilities again to vmware patched version. 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents