Lucene search

K
vmwareVMwareVMSA-2013-0003
HistoryFeb 21, 2013 - 12:00 a.m.

VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues.

2013-02-2100:00:00
www.vmware.com
109
vmware
vcenter server
esxi
esx
nfc protocol
memory corruption
vulnerability
network file copy
code execution
exploitation
vsphere components
management network
security issue
cve-2013-1659

EPSS

0.108

Percentile

95.2%

a. VMware vCenter, ESXi and ESX NFC protocol memory corruption vulnerability

VMware vCenter Server, ESXi and ESX contain a vulnerability in the handling of the Network File Copy (NFC) protocol. To exploit this vulnerability, an attacker must intercept and modify the NFC traffic between vCenter Server and the client or ESXi/ESX and the client. Exploitation of the issue may lead to code execution.To reduce the likelihood of exploitation, vSphere components should be deployed on an isolated management networkVMware would like to thank Alex Chapman of Context Information Security for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-1659 to this issue.Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.