CVE-2013-3107

MEDIUM

VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass authentication by providing a valid username in conjunction with an empty password.

CVSS v2.0 Score

4.3

/ 10.0

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N

Information

Published: 1 mai 2013
Updated: 29 avr. 2026
Status: Modified
Source: cve@mitre.org

Affected products

vmware vcenter server appliance

Versions : 5.0

Weaknesses (CWE)

CWE-264

References (2)

http://www.vmware.com/security/advisories/VMSA-2013-0006.html
Vendor Advisory
http://www.vmware.com/security/advisories/VMSA-2013-0006.html
Vendor Advisory

Similar CVEs

Other vulnerabilities of type CWE-264

Loading…

Monitor your products

Get automatic alerts for every new CVE affecting your equipment.

Enable monitoring