Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-1405

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2013-1405
Last Modified 15 Feb 2013 12:00:00
Published 15 Feb 2013 07:09:29
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-1405

Summary

VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do not properly implement the management authentication protocol, which allow remote servers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Vulnerable Systems

Operating System

  • Vmware Esx 3.5

  • Vmware Esx 4.0

  • Vmware Esx 4.1

  • Vmware Esxi 3.5

  • Vmware Esxi 4.0

  • Vmware Esxi 4.1

Application

  • Vmware Vcenter Server 4.0

  • Vmware Vcenter Server 4.1

  • Vmware Vi-client 2.5

  • Vmware Virtualcenter 2.5

  • Vmware Vsphere Client 4.0

  • Vmware Vsphere Client 4.1


References

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2013-0001.html


Last Updated: 27 May 2016 11:01:53