CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-6932

VMware vCenter Server 5.5 before u3 and 6.0 before u1 does not verify X.509 certificates from TLS LDAP servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.5%

CVSS Severity

CVSS v2 Score 5.8

References

http://www.securitytracker.com/id/1033582
http://www.vmware.com/security/advisories/VMSA-2015-0006.html
http://www.securitytracker.com/id/1033582
http://www.vmware.com/security/advisories/VMSA-2015-0006.html

Products affected by CVE-2015-6932

Vmware » Vcenter Server » Version: 5.5

cpe:2.3:a:vmware:vcenter_server:5.5
Vmware » Vcenter Server » Version: 6.0

cpe:2.3:a:vmware:vcenter_server:6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6932

Products

Pricing

Contact Us