Lucene search

[email protected]NVD:CVE-2010-4573

HistoryDec 22, 2010 - 9:00 p.m.

CVE-2010-4573

2010-12-2221:00:19

CWE-287

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.6%

JSON

The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is present, does not properly configure the SFCB authentication mode, which allows remote attackers to obtain access via an arbitrary username and password.

Affected configurations

NVD

Node

vmwareesxiMatch4.1

References

kb.vmware.com/kb/1031761

lists.vmware.com/pipermail/security-announce/2010/000114.html

secunia.com/advisories/42591

securitytracker.com/id?1024917

www.securityfocus.com/archive/1/515420/100/0/threaded

www.securityfocus.com/bid/45543

www.vmware.com/security/advisories/VMSA-2010-0020.html

www.vupen.com/english/advisories/2010/3303

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.019 Low

EPSS

Percentile

88.6%

JSON

Related for NVD:CVE-2010-4573

nessus1 prion1 vmware2 securityvulns2 cve1 cvelist1