Lucene search

K
cve
Cve@mitre.orgCVE-2013-1659
HistoryFeb 22, 2013 - 8:55 p.m.

CVE-2013-1659

2013-02-2220:55:00
NVD-CWE-Other
cve@mitre.org
web.nvd.nist.gov
24
vmware
vcenter server
esxi
nfc protocol
man-in-the-middle
code execution
denial of service
cve-2013-1659

7.3 High

AI Score

Confidence

High

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

46.2%

VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream.

How to protect your server from attacks?

7.3 High

AI Score

Confidence

High

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

46.2%

Related for CVE-2013-1659