Lucene search

K
cve[email protected]CVE-2014-1209
HistoryApr 11, 2014 - 7:55 p.m.

CVE-2014-1209

2014-04-1119:55:04
CWE-20
web.nvd.nist.gov
29
cve-2014-1209
vmware vsphere
client 4.0
client 4.1
client 5.0
client 5.1
remote code execution
nvd

6.9 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.01 Low

EPSS

Percentile

83.6%

VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote attackers to trigger the downloading and execution of an arbitrary program via unspecified vectors.

Affected configurations

NVD
Node
vmwarevsphere_clientMatch4.0
OR
vmwarevsphere_clientMatch4.1
OR
vmwarevsphere_clientMatch5.0
OR
vmwarevsphere_clientMatch5.1

6.9 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.01 Low

EPSS

Percentile

83.6%