KLA10436Multiple vulnerabilities in VMware vSphere Client

2014-04-10T00:00:00
ID KLA10436
Type kaspersky
Reporter Kaspersky Lab
Modified 2018-07-05T00:00:00

Description

CVSS:

9.3

Detect date:

04/10/2014

Severity:

Critical

Description:

Multiple critical vulnerabilities have been found in VMware vSphere. Malicious users can exploit these vulnerabilities to execute arbitrary code or bypass security.
Below is a complete list of vulnerabilities

Affected products:

VMware vSphere Client 4 versions 4.0, 4.1
VMware vSphere Client 5 versions 5.0, 5.1

Solution:

Update vSphere client to safe version. Use one of these links or go to VMware bulletin for instructions.
vCenter Server 5.1 update
vCenter Server 5.0 update

Original advisories:

VMware bulletin

Impacts:

ACE

Related products:

VMware vSphere Client

CVE-IDS:

CVE-2014-1210
CVE-2014-1209