Have you come across an error on your Vmware Web client with the message
" The Host is Potentially vounarable to issues discussed in CVE-2018-3646 " then you should read this .
It is a vulnerability that was reported in Intel CPUs. A local user can obtain potentially sensitive information from system memory. what worries us is that VMware ESXi is affected.
A local user can conduct a speculative execution side-channel attack against the L1 cache to infer potentially sensitive information from L1 cache memory on the target system.
This method is referred to as the "L1 Terminal Fault (L1TF)" or "Foreshadow" attack.
Microprocessors that support Intel Software Guard Extensions (SGX) are affected [CVE-2018-3615].
Other Intel microprocessors that use speculative execution and address translations may be affected [CVE-2018-3620].
Other Intel microprocessors that use speculative execution and address translations and that host virtual systems may be affected [CVE-2018-3646].
The end result is that A local user can obtain potentially sensitive information from L1 cache memory on the target system.
Anyway VMware has issued a fix for CVE-2018-3646 for VMware ESXi.
Check this Link for updates https://www.vmware.com/security/advisories/VMSA-2018-0020.html
Blog post Sources : https://securitytracker.com/id/1041456
https://kb.vmware.com/s/article/55636
If you are not aware about this issue before and if you reached this article to read about it , Please leave a comment here and share this link to your IT professionals groups so that we can fight it together .
" The Host is Potentially vounarable to issues discussed in CVE-2018-3646 " then you should read this .
It is a vulnerability that was reported in Intel CPUs. A local user can obtain potentially sensitive information from system memory. what worries us is that VMware ESXi is affected.
A local user can conduct a speculative execution side-channel attack against the L1 cache to infer potentially sensitive information from L1 cache memory on the target system.
This method is referred to as the "L1 Terminal Fault (L1TF)" or "Foreshadow" attack.
Microprocessors that support Intel Software Guard Extensions (SGX) are affected [CVE-2018-3615].
Other Intel microprocessors that use speculative execution and address translations may be affected [CVE-2018-3620].
Other Intel microprocessors that use speculative execution and address translations and that host virtual systems may be affected [CVE-2018-3646].
The end result is that A local user can obtain potentially sensitive information from L1 cache memory on the target system.
Anyway VMware has issued a fix for CVE-2018-3646 for VMware ESXi.
Check this Link for updates https://www.vmware.com/security/advisories/VMSA-2018-0020.html
Blog post Sources : https://securitytracker.com/id/1041456
https://kb.vmware.com/s/article/55636
If you are not aware about this issue before and if you reached this article to read about it , Please leave a comment here and share this link to your IT professionals groups so that we can fight it together .