CVE-2014-8371 in vCenter Serverinformation

Résumé (Anglaise)

VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before Update 3, and 5.0 before Update 3c does not properly validate certificates when connecting to a CIM Server on an ESXi host, which allows man-in-the-middle attackers to spoof CIM servers via a crafted certificate.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Réserver

21/10/2014

Divulgation

08/12/2014

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
68351	VMware vCenter Server Certificate Validation chiffrement faible	310	Non prouvée	Correctif officiel	CVE-2014-8371

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PrécédentAperçuSuivant ▸

Want to know what is going to be exploited?

We predict KEV entries!