CVE-2013-3107

Name of the Vulnerable Software and Affected Versions VMware vCenter Server version 5.1 before Update 1

Description The issue allows remote attackers to bypass authentication by providing a valid username in conjunction with an empty password when anonymous LDAP binding for Active Directory is enabled.

Recommendations For VMware vCenter Server version 5.1 before Update 1, update to Update 1 or later to resolve the issue. As a temporary workaround, consider disabling anonymous LDAP binding for Active Directory to minimize the risk of exploitation.