PT-2010-2438 · Vmware · Vmware Server+2

Published: 2010-04-01 · Updated: 2010-04-28 · CVE-2010-0686

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

VMware VirtualCenter versions 2.0.2 through 2.5
VMware Server version 2.0
VMware ESX versions 3.0.3 through 3.5

Description

The issue allows remote attackers to leverage proxy-server functionality to spoof the origin of requests via unspecified vectors, related to a "URL forwarding vulnerability." This could potentially lead to unauthorized access or actions.

Recommendations

For VMware VirtualCenter versions 2.0.2 through 2.5, consider restricting access to the WebAccess component until a fix is available.
For VMware Server version 2.0, restrict the use of proxy-server functionality to minimize the risk of exploitation.
For VMware ESX versions 3.0.3 through 3.5, avoid using the WebAccess feature in VMware VirtualCenter to prevent potential spoofing of request origins.

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2010-0686

Affected Products

VMware ESXi
VMware Server
VMware VirtualCenter