PT-2008-4908 · Vmware · Vmware Virtualcenter

Published

2008-08-13

Updated

2018-10-11

CVE-2008-3514

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions VMware VirtualCenter versions 2.0.2 before Update 5 VMware VirtualCenter versions 2.5 before Update 2

Description The issue allows remote attackers to determine valid user names by exploiting the client-side access control mechanism. This is done by enabling functionality in the GUI and then attempting to assign permissions to other system users.

Recommendations For versions 2.0.2 before Update 5, update to Update 5 or later. For versions 2.5 before Update 2, update to Update 2 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2008-3514

Affected Products

Vmware Virtualcenter

PT-2008-4908 · Vmware · Vmware Virtualcenter

CVE-2008-3514

Weakness Enumeration

Related Identifiers

Affected Products

References · 12