
===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.2535
           VMSA-2019-0011 ESXi patches address partial denial of
          service vulnerability in hostd process (CVE-2019-5528)
                               10 July 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           VMware ESXi
Publisher:         VMware
Operating System:  VMware ESX Server
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-5528  

Original Bulletin: 
   https://www.vmware.com/security/advisories/VMSA-2019-0011.html

--------------------------BEGIN INCLUDED TEXT--------------------

VMware Security Advisories

+------------+----------------------------------------------------------------+
|Advisory ID |VMSA-2019-0011                                                  |
+------------+----------------------------------------------------------------+
|Advisory    |Moderate                                                        |
|Severity    |                                                                |
+------------+----------------------------------------------------------------+
|CVSSv3 Range|5.3                                                             |
+------------+----------------------------------------------------------------+
|Synopsis    |ESXi patches address partial denial of service vulnerability in |
|            |hostd process (CVE-2019-5528)                                   |
+------------+----------------------------------------------------------------+
|Issue Date  |2019-07-09                                                      |
+------------+----------------------------------------------------------------+
|Updated On  |2019-07-09 (Initial Advisory)                                   |
+------------+----------------------------------------------------------------+
|CVE(s)      |CVE-2019-5528                                                   |
+------------+----------------------------------------------------------------+

1. Impacted Products

  o ESXi

2. Introduction

A partial denial of service vulnerability in ESXi was reported to VMware
Security Response. Patches and workarounds are currently available to remediate
or work around this vulnerability.

3. Partial denial of service vulnerability in ESXi hostd process
(CVE-2019-5528)

Description:

Multiple failed login attempts to ESXi may cause the hostd service to become
unresponsive resulting in a partial denial of service for management
functionality. VMware has evaluated the severity of this issue to be in the
Moderate severity range with a maximum CVSSv3 base score of 5.3.

Known Attack Vectors:

A malicious actor with network access to an ESXi host could create a partial
denial of service condition in management functionality. Successful
exploitation of this issue may cause hostd to become unresponsive resulting in
conditions such as an ESXi host disconnecting from vCenter.

Resolution:

To remediate this vulnerability, apply the patches listed in the 'Fixed
Version' column of the 'Response Matrix' found below.

Workarounds:

Workarounds are available for this issue. Follow the instructions in the
documents linked in the 'Workarounds' section found below.

Additional Documentation:

None.

Acknowledgements:

None.
 
Notes:

  o If hostd becomes unresponsive due to CVE-2019-5528, the condition can be
    cleared by restarting the hostd service. It is not necessary to reboot the
    ESXi host.
  o Vulnerability scanners have been reported to trigger this vulnerability via
    multiple failed login attempts to ESXi.
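
Because repeated failed logins (including those generated by vulnerability
scanners) are the trigger described above, the following added example, which
is not part of the VMware or AusCERT text, flags sources that produce bursts of
failed logins against a host so they can be correlated with hostd outages. The
log line format, field names, threshold and window are assumptions made for
illustration; the advisory does not state how many attempts trigger the issue.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample in a simplified, hypothetical one-line-per-event format.
# Real ESXi log lines look different; adapt LINE_RE to the source you collect.
SAMPLE_LOG = """\
2019-07-10T02:00:01Z esx01 login failed user=root src=10.0.0.50
2019-07-10T02:00:02Z esx01 login failed user=admin src=10.0.0.50
2019-07-10T02:00:03Z esx01 login failed user=root src=10.0.0.50
2019-07-10T02:00:05Z esx01 login failed user=test src=10.0.0.50
2019-07-10T02:00:08Z esx01 login failed user=root src=10.0.0.50
2019-07-10T02:01:00Z esx01 login failed user=root src=10.0.0.7
2019-07-10T02:01:20Z esx01 login ok user=root src=10.0.0.7
2019-07-10T02:10:00Z esx02 login failed user=root src=10.0.0.9
2019-07-10T02:12:00Z esx02 login failed user=root src=10.0.0.9
2019-07-10T02:14:00Z esx02 login failed user=root src=10.0.0.9
2019-07-10T02:16:00Z esx02 login failed user=root src=10.0.0.9
2019-07-10T02:18:00Z esx02 login failed user=root src=10.0.0.9
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) login (?P<result>failed|ok) "
    r"user=(?P<user>\S+) src=(?P<src>\S+)$"
)

def failed_login_bursts(log_text, threshold=5, window_s=60):
    """Return sorted (host, src) pairs with >= threshold failures in window_s.

    Lines must be in chronological order. threshold and window_s are tuning
    assumptions, not values taken from the advisory.
    """
    recent = defaultdict(deque)  # (host, src) -> timestamps of recent failures
    flagged = set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["result"] != "failed":
            continue  # skip successes and lines that do not parse
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        q = recent[(m["host"], m["src"])]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_s:
            q.popleft()  # drop failures that fell out of the sliding window
        if len(q) >= threshold:
            flagged.add((m["host"], m["src"]))
    return sorted(flagged)

if __name__ == "__main__":
    print(failed_login_bursts(SAMPLE_LOG))
```

A flagged source that turns out to be an authorised scanner is a candidate for
rescheduling or exclusion until the host is patched or the workaround applied.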


Response Matrix:

+-------+-------+-------+-------------+------+--------+--------------------+-----------+----------+
|Product|Version|Running|CVE          |CVSSV3|Severity|Fixed Version       |Workarounds|Additional|
|       |       |On     |Identifier   |      |        |                    |           |Documents |
+-------+-------+-------+-------------+------+--------+--------------------+-----------+----------+
|ESXi   |6.7    |Any    |CVE-2019-5528|5.3   |Moderate|Patch Pending       |kb67920    |None      |
+-------+-------+-------+-------------+------+--------+--------------------+-----------+----------+
|ESXi   |6.5    |Any    |CVE-2019-5528|5.3   |Moderate|ESXi650-201907201-UG|kb67920    |None      |
+-------+-------+-------+-------------+------+--------+--------------------+-----------+----------+
|ESXi   |6.0    |Any    |CVE-2019-5528|N/A   |N/A     |Unaffected          |N/A        |N/A       |
+-------+-------+-------+-------------+------+--------+--------------------+-----------+----------+

4. References

Mitre CVE Dictionary Links:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5528

Fixed Version(s) and Release Notes:

ESXi650-201907201-UG:

Downloads:

https://my.vmware.com/group/vmware/patch

Documentation:

https://docs.vmware.com/en/VMware-vSphere/6.5/rn/vsphere-esxi-65u3-release-notes.html


Workarounds:

https://kb.vmware.com/s/article/67920

5. Change log

2019-07-09: VMSA-2019-0011
Initial security advisory detailing remediations and workarounds available for
ESXi.

6. Contact

E-mail list for product security notifications and announcements:
https://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:
  security-announce@lists.vmware.com
  bugtraq@securityfocus.com
  fulldisclosure@seclists.org

E-mail: security@vmware.com

PGP key at:
https://kb.vmware.com/kb/1055

VMware Security Advisories
https://www.vmware.com/security/advisories

VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html

VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html

VMware Security & Compliance Blog  
https://blogs.vmware.com/security

Twitter
https://twitter.com/VMwareSRC

Copyright 2019 VMware Inc. All rights reserved.


--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================