KLA10665Obtain sensitive information vulnerability in VMware vCenter Server

2015-09-16T00:00:00
ID KLA10665
Type kaspersky
Reporter Kaspersky Lab
Modified 2019-03-07T00:00:00

Description

Detect date:

09/16/2015

Severity:

High

Description:

Improper certificate validation was found in VMware vCenter Server. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a traffic interception.

Affected products:

VMware vCenter Server 6.0 versions earlier than 6.0 update 1
VMware vCenter Server 5.5 versions earlier than 5.5 update 3

Solution:

Update to the latest version
vCenter download and buy page

Original advisories:

VMware advisory

Impacts:

OSI

Related products:

VMware vCenter Server

CVE-IDS:

CVE-2015-69325.8High