Lucene search
HistoryApr 11, 2014 - 7:55 p.m.
CVE-2014-1210
vmware
vsphere
client
update
ssl
security
certificate
vulnerability
6.3 Medium
AI Score
Confidence
Low
5.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
24.8%
VMware vSphere Client 5.0 before Update 3 and 5.1 before Update 2 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
Affected configurations
Node
vmwarevsphere_clientMatch5.0
ORvmwarevsphere_clientMatch5.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| vmware:vsphere_client | vmware vsphere client | eq | 5.0 |
| vmware:vsphere_client | vmware vsphere client | eq | 5.1 |
Related
nvd
nvd
CVE-2014-1210
2014-04-11 19:55:04
prion
prion
Design/Logic Flaw
2014-04-11 19:55:00
cvelist
cvelist
CVE-2014-1210
2014-04-11 19:00:00
kaspersky
kaspersky
KLA10436 Multiple vulnerabilities in VMware vSphere Client
2014-04-10 00:00:00
openvas
openvas
vmware
vmware
VMware vSphere Client updates address security vulnerabilities
2014-04-10 00:00:00
nessus
nessus
VMware vSphere Client Multiple Vulnerabilities (VMSA-2014-0003)
2014-04-17 00:00:00
6.3 Medium
AI Score
Confidence
Low
5.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
24.8%
Related for CVE-2014-1210