Viewing Bulletin Status

See How to Deploy Bulletins to Your Managed Hypervisor.

Enables you to search for bulletins contained on the tab. To initiate a search you simply type the search criteria in the Search box. Only those bulletins that match the search criteria are displayed; all other bulletins are hidden.

• The Search tool works only on the information currently visible on the tab.
• The search will be performed on all information on the tab, not just the Bulletin Name column.
• All partial matches are displayed. For example, if you search for bulletins named Test, any bulletin with "test" in its name will be considered a match (e.g. Testbulletin1, Contest, etc.).
• The use of wildcards in the Search tool is not allowed.

If enabled, filters the contents of the tab so that the only bulletins displayed are those that are not replaced by newer bulletins. Use this check box to identify the vulnerabilities that have not yet been addressed.

Updates the bulletin information that is displayed on the tab.

The name or IP address of the ESXi hypervisor.

The bulletin name.

Identifies the name of the vendor that released the bulletin.

The original publication date of the bulletin that corrects this vulnerability.

Indicates the bulletin status at the time the scan was performed.

Shows the date and time that the bulletin was installed. This information will not be available if the bulletin was installed using a different Security Controls database or if the bulletin was not installed by Security Controls.

Shows the name of the user who installed the bulletin. This information will not be available if the bulletin was installed using a different Security Controls database or if the bulletin was not installed by Security Controls.

Indicates the severity level of the vulnerability that is corrected by this bulletin. The severity level can be one of the following:

• Critical: Vulnerabilities that can be exploited by an unauthenticated remote attacker or vulnerabilities that break guest/host operating system isolation. The exploitation results in the compromise of confidentiality, integrity, availability user data, or processing resources without user interaction. Exploitation could be leveraged to propagate an Internet worm or execute arbitrary code between virtual machines and the host.
• Important: Vulnerabilities whose exploitation results in the compromise of confidentiality, integrity, or availability of user data and processing resources. Such flaws could allow local users to gain privileges, allow authenticated remote users to execute arbitrary code, or allow local or remote users to easily cause a denial of service.
• Moderate: Flaws where the ability to exploit is mitigated to a significant degree by configuration or difficulty of exploitation, but in certain deployment scenarios could still lead to some compromise of the confidentiality, integrity, or availability of user data and processing resources. These are the types of vulnerabilities that could have had a critical impact or important impact but are less easily exploited based on a technical evaluation of the flaw, or affect unlikely configurations.
• Low: All other issues that have a security impact. Vulnerabilities where exploitation is believed to be extremely difficult, or where successful exploitation would have minimal impact.

The bulletin category can be one of the following:

• Security: The bulletins that belong to this category fix one or more potential security vulnerabilities. The bulletin may also contain bug fixes.
• Bug fix: The bulletins that belong to this category contain one or more bug fixes.
• Other: For backward compatibility. For example, for updates without a category specified or for obsolete categories.

Indicates the impact that applying the bulletin will have on the virtual machine and hypervisor.

The bulletin that contains a more recent update for the vulnerability.