VMware VMSA-2013-0008
Jun 11, 2013 - 12:00 a.m.

VMware vCenter Chargeback Manager Remote Code Execution

www.vmware.com

EPSS: 0.923 (High)
Percentile: 99.0%

a. vCenter Chargeback Manager Remote Code Execution

The vCenter Chargeback Manager (CBM) contains a flaw in its handling of file uploads. Exploitation of this issue may allow an unauthenticated attacker to execute code remotely.

VMware would like to thank Andrea Micalizzi, aka rgod, for reporting this issue to us through HP’s Zero Day Initiative (ZDI).

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-3520 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

| CPE | Name | Operator | Version |
| --- | --- | --- | --- |
|  | cbm | lt | CBM 2.5.1 |
