Viewing Bulletin Status

The Bulletins tab displays the status of the security bulletins that have been issued for the ESXi hypervisor(s) selected in the top pane. If multiple hypervisors are selected in the top pane, this tab will display bulletin information for all selected hypervisors.

A bulletin that is scheduled for deployment is considered to be still missing. This status will change after the bulletin is successfully installed and the screen is refreshed.

You can customize the way information is displayed within this tab. See Customizing the Column Headers for information.


Deploy selected bulletins

See How to Deploy Bulletins to Your Managed Hypervisor.


Enables you to search for bulletins contained on the tab. To initiate a search you simply type the search criteria in the Search box. Only those bulletins that match the search criteria are displayed; all other bulletins are hidden.

  • The Search tool works only on the information currently visible on the tab.

  • The search will be performed on all information on the tab, not just the Bulletin Name column.

  • All partial matches are displayed. For example, if you search for bulletins named Test, any bulletin with "test" in its name will be considered a match (e.g. Testbulletin1, Contest, etc.).

  • The use of wildcards in the Search tool is not allowed.

Only show latest

If enabled, filters the contents of the tab so that the only bulletins displayed are those that are not replaced by newer bulletins. Use this check box to identify the vulnerabilities that have not yet been addressed.


Updates the bulletin information that is displayed on the tab.

ESXi Hypervisor

The name or IP address of the ESXi hypervisor.

Bulletin Name

The bulletin name.


Identifies the name of the vendor that released the bulletin.

Release Date

The original publication date of the bulletin that corrects this vulnerability.

Compliance (Status)

Indicates the bulletin status at the time the scan was performed.


Indicates the severity level of the vulnerability that is corrected by this bulletin. The severity level can be one of the following:

  • Critical: Vulnerabilities that can be exploited by an unauthenticated remote attacker or vulnerabilities that break guest/host operating system isolation. The exploitation results in the compromise of confidentiality, integrity, availability user data, or processing resources without user interaction. Exploitation could be leveraged to propagate an Internet worm or execute arbitrary code between virtual machines and the host.

  • Important: Vulnerabilities whose exploitation results in the compromise of confidentiality, integrity, or availability of user data and processing resources. Such flaws could allow local users to gain privileges, allow authenticated remote users to execute arbitrary code, or allow local or remote users to easily cause a denial of service.

  • Moderate: Flaws where the ability to exploit is mitigated to a significant degree by configuration or difficulty of exploitation, but in certain deployment scenarios could still lead to some compromise of the confidentiality, integrity, or availability of user data and processing resources. These are the types of vulnerabilities that could have had a critical impact or important impact but are less easily exploited based on a technical evaluation of the flaw, or affect unlikely configurations.

  • Low: All other issues that have a security impact. Vulnerabilities where exploitation is believed to be extremely difficult, or where successful exploitation would have minimal impact.


The bulletin category can be one of the following:

  • Security: The bulletins that belong to this category fix one or more potential security vulnerabilities. The bulletin may also contain bug fixes.

  • Bug fix: The bulletins that belong to this category contain one or more bug fixes.

  • Other: For backward compatibility. For example, for updates without a category specified or for obsolete categories.


Indicates the impact that applying the bulletin will have on the virtual machine and hypervisor.

Replaced By

The bulletin that contains a more recent update for the vulnerability.


Provides a short description of the bulletin.