VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do not properly implement the management authentication protocol, which allow remote servers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVSS v2.0 Score
10.0
/ 10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Information
- Published
- 15 févr. 2013
- Updated
- 29 avr. 2026
- Status
- Modified
- Source
- cve@mitre.org
Affected products
vmware vcenter server
Versions : 4.0, 4.1
vmware virtualcenter
Versions : 2.5
vmware vsphere client
Versions : 4.0, 4.1
vmware vi-client
Versions : 2.5
vmware esxi
Versions : 3.5, 4.0, 4.1
vmware esx
Versions : 3.5, 4.0, 4.1
Weaknesses (CWE)
CWE-287
References (2)
Similar CVEs
Other vulnerabilities of type CWE-287
Loading…
Monitor your products
Get automatic alerts for every new CVE affecting your equipment.