[DPP] vSphere Subscription and Cloud Services

 View Only
Back to discussions
Expand all | Collapse all

OpenSSL security vulnerability in VMware Workstation Pro 17.6.3 - Urgent

  • 1.  OpenSSL security vulnerability in VMware Workstation Pro 17.6.3 - Urgent

    Posted Jul 10, 2025 10:46 AM
    Description:
    I installed VMware Workstation Pro 17.6.3 on Ubuntu 24.04.02 LTS. 
    Currently, when I scan for security vulnerabilities using Nessus Tenable, the following errors appear:
     
    1. CVE-2024-5535 
    Name: OpenSSL 3.0.0 < 3.0.15 Vulnerability
    Solution: Upgrade to OpenSSL version 3.0.15 or later.
    Plugin output:
      Path             : /usr/lib/vmware/lib/libcrypto.so.3/libcrypto.so.3
      Reported version : 3.0.14
      Fixed version    : 3.0.15
      
    2. CVE-2024-2511
    Name: OpenSSL 3.0.0 < 3.0.14 Multiple Vulnerabilities
    Solution: Upgrade to OpenSSL version 3.0.14 or later.
    Plugin output:
      Path             : /usr/lib/vmware-ovftool/libcrypto.so.3
      Reported version : 3.0.13
      Fixed version    : 3.0.14
     
    3. CVE-2024-4603
    Name: OpenSSL 3.0.0 < 3.0.14 Multiple Vulnerabilities
    Solution: Upgrade to OpenSSL version 3.0.14 or later.
    Plugin output:
      Path             : /usr/lib/vmware-ovftool/libcrypto.so.3
      Reported version : 3.0.13
      Fixed version    : 3.0.14
     
    4. CVE-2024-4741
    Name: OpenSSL 3.0.0 < 3.0.14 Multiple Vulnerabilities
    Solution: Upgrade to OpenSSL version 3.0.14 or later.
    Plugin output:
      Path             : /usr/lib/vmware-ovftool/libcrypto.so.3
      Reported version : 3.0.13
      Fixed version    : 3.0.14
      
    Have you ever encountered an error like this before? Is there a way to fix it? 
    I need to resolve this urgently, please help me.:(