CVE-2014-8371 in vCenter Server
Resumen (Inglés)
VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before Update 3, and 5.0 before Update 3c does not properly validate certificates when connecting to a CIM Server on an ESXi host, which allows man-in-the-middle attackers to spoof CIM servers via a crafted certificate.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Reservar
2014-10-21
Divulgación
2014-12-08
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 68351 | VMware vCenter Server Certificate Validation cifrado débil | 310 | No probado | Arreglo oficial | CVE-2014-8371 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV