PT-2012-3319 · Vmware · Vcenter Server+1

Publicado

2012-03-16

Atualizado

2018-01-06

CVE-2012-1513

CVSS v2.0

4.0

Média

Vetor

AV:N/AC:L/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions vCenter Orchestrator versions 4.0 through 4.0 Update 3 vCenter Orchestrator versions 4.1 through 4.1 Update 1 vCenter Orchestrator versions 4.2 through 4.2 Update 0

Description The issue allows remote authenticated administrators to obtain sensitive information, specifically the vCenter Server password, which is placed in an HTML document by the Web Configuration tool.

Recommendations For versions 4.0 through 4.0 Update 3, update to version 4.0 Update 4 or later. For versions 4.1 through 4.1 Update 1, update to version 4.1 Update 2 or later. For versions 4.2 through 4.2 Update 0, update to version 4.2 Update 1 or later.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2012-1513

Produtos afetados

Vcenter Orchestrator

Vcenter Server

PT-2012-3319 · Vmware · Vcenter Server+1

CVE-2012-1513

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7