Vmware: >> Vcenter Server Appliance Security Vulnerabilities
VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote attackers to cause a denial of service (disk consumption) via vectors that trigger large log entries.
CVSS Score
7.8
EPSS Score
0.004
Published
2013-02-22
VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream.
CVSS Score
7.6
EPSS Score
0.011
Published
2013-02-22
Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vectors.
CVSS Score
4.0
EPSS Score
0.001
Published
2012-12-21
VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors.
CVSS Score
4.0
EPSS Score
0.001
Published
2012-12-21
Page 2