NEW VMSA-2016-0011 – vRealize Log Insight update addresses directory traversal vulnerability.

VMware Security Advisory


Advisory ID: VMSA-2016-0011

Severity:    Moderate

Synopsis:    vRealize Log Insight update addresses directory traversal


Issue date:  2016-08-11

Updated on:  2016-08-11 (Initial Advisory)

CVE number:  CVE-2016-5332


1. Summary


vRealize Log Insight update addresses directory traversal vulnerability.


2. Relevant Products


vRealize Log Insight


3. Directory traversal vulnerability in vRealize Log Insight


vRealize Log Insight contains a vulnerability that may allow for a directory

traversal attack. Exploitation of this issue may lead to a partial information

disclosure. There are no known workarounds for this issue.


VMware would like to thank Peter Nelson, Security Engineer at WakeMed Health

& Hospitals for reporting this issue to us.


The Common Vulnerabilities and Exposures project ( has assigned

the identifier CVE-2016-5332 to this issue.


Column 5 of the following table lists the action required to remediate the

vulnerability in each release, if a solution is available.


VMware                 Product   Running              Replace with/

Product                Version   on        Severity   Apply Patch     Workaround

====================   =======   =======   ========   =============   ==========

vRealize Log Insight   3.x       VA        Moderate   3.6.0           None

vRealize Log Insight   2.x       VA        Moderate   3.6.0           None


4. Solution


Please review the patch/release notes for your product and version and verify

the checksum of your downloaded file.


vRealize Log Insight 3.6.0

Downloads and Documentation:


5. References


– ————————————————————————


6. Change log


2016-08-11 VMSA-2016-0011 Initial security advisory in conjunction with the

release of vRealize Log Insight 3.6.0 on 2016-08-11.


Created on August 12, 2016 by Rick Scherer

Posted under Alert.

This blog has 1,738 views.

Tags: , , , ,

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)

Leave a Comment

Name (required)

Email (required)



More Blog Post