Article number
Affected Versions
Source Hypervisor
Target Hypervisor

How to Avoid Impact of CVE-2018-15473

Viewed 200 times


Administrators are approaching Zerto asking if and how they are impacted by a recently raised security vulnerability, CVE-2018-15473.


The CVE describes the ability of a user to verify if a username exists or not on the server. For the VRA, although the CVE exists, poses a very minor risk if at all.

In addition, according to this article there is a patch which can be manually applied on the VRA (Zerto version 7.5 and later).

With that said, Zerto should be upgraded to 7.5 and the patch be applied to each VRA as found in the link above.

** Note: Re-install/VRA upgrades post-patch application will require the patch be applied again. **