Mark Woollatt

Name of the Vulnerable Software and Affected Versions: VMware VirtualCenter version 2.5 before Update 3 build 119838 Description: The issue allows physically proximate attackers to steal a user's password when it contains unspecified special characters, as the password is displayed in cleartext. Recommendations: For VMware VirtualCenter version 2.5 before Update 3 build 119838, update to Update 3 build 119838 or later to resolve the issue. As a temporary workaround, consider avoiding the use of special characters in passwords until the update is applied.