VMware vCenter 6.0 LDAP Certificate Validation MitM Spoofing (VMSA-2015-0006)

The VMware vCenter Server installed on the remote host is version 6.0 prior to 6.0u1. It is, therefore, affected by a man-in-the-middle spoofing vulnerability due to improper validation of X.509 certificates from TLS LDAP servers. A remote, man-in-the-middle attacker can exploit this to intercept...

CVE-2015-6932

Summary: CVE-2015-6932 affects VMware vCenter Server 5.5 before 5.5u3 and 6.0 before 6.0u1. The vulnerability arises from improper validation of X.509 certificates when binding to TLS LDAP servers, allowing a remote attacker to perform a man-in-the-middle attack, spoof an LDAP TLS server, and pot...

KLA10665 Obtain sensitive information vulnerability in VMware vCenter Server

Improper certificate validation was found in VMware vCenter Server. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a traffic interception. Technical details This vulnerability can be exploited when vCenter Server...

VMware vCenter Server updates address a LDAP certificate validation issue

VMware vCenter Server LDAP certificate validation vulnerability. VMware vCenter Server does not validate the certificate when connecting to a single sign on identity source using LDAPS LDAP over SSL. This applies when connecting to Active Directory as an LDAP Server or OpenLDAP. Exploitation of...

VMSA-2015-0006:VMware vCenter Server updates address a LDAP certificate validation issue

VMSA-2015-0006.1 VMware vCenter Server updates address a LDAP certificate validation issue VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2015-0006.1 VMware Security AdvisorySynopsis: VMware vCenter Server updates address a LDAP certificate validation issue VMware Security...