CVE-2013-5971

MEDIUM

Session fixation vulnerability in the vSphere Web Client Server in VMware vCenter Server 5.0 before Update 3 allows remote attackers to hijack web sessions and gain privileges via unspecified vectors.

CVSS v2.0 Score

6.8

/ 10.0

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P

Information

Published: 21 oct. 2013
Updated: 29 avr. 2026
Status: Modified
Source: cve@mitre.org

Affected products

vmware vcenter server

Versions : 5.0, 4.0.0.10021, 4.0.0.12305, 4.1, 4.1.0.12319

Weaknesses (CWE)

CWE-264

References (8)

http://osvdb.org/98718
http://www.securityfocus.com/bid/63218
http://www.vmware.com/security/advisories/VMSA-2013-0012.html
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/88134
http://osvdb.org/98718
http://www.securityfocus.com/bid/63218
http://www.vmware.com/security/advisories/VMSA-2013-0012.html
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/88134

Similar CVEs

Other vulnerabilities of type CWE-264

Loading…

Monitor your products

Get automatic alerts for every new CVE affecting your equipment.

Enable monitoring