CIP – Toolkit from VMware, which is a set of utilities for certain administrative operations in the virtual infrastructure. Utilities are available both for Microsoft Windows, as well as for Apple Mac OS X. According to Prevention , published on the company website, the vulnerability is caused due to improper handling session files and allows to carry out the attack “man in the middle” or intercept a user’s session with a specially formed web-page. Error prone to the following products: The problem does not affect products vCloud Director 8.0.0 and 8.0.1. Before installing the updates for affected versions of CIP will need to update the current version of vCenter Server solutions, vCloud Director and vRealize Automation Identity Appliance. However, now the company VMware successfully managed to patch the vulnerability and since February’s troublesome glibc issue to be considered critical by the company. vCenter Server 5.5 U3a, U3b, U3c vCloud Director 5.5.5 for Windows vRealize Automation Identity Appliance 6.2.4 for Linux