PT-2008-5551 · Vmware · Vmware Virtualcenter

Mark Woollatt

Published

2008-10-06

Updated

2018-10-11

CVE-2008-4278

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: VMware VirtualCenter version 2.5 before Update 3 build 119838

Description: The issue allows physically proximate attackers to steal a user's password when it contains unspecified special characters, as the password is displayed in cleartext.

Recommendations: For VMware VirtualCenter version 2.5 before Update 3 build 119838, update to Update 3 build 119838 or later to resolve the issue. As a temporary workaround, consider avoiding the use of special characters in passwords until the update is applied.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2008-4278

Affected Products

Vmware Virtualcenter

PT-2008-5551 · Vmware · Vmware Virtualcenter

CVE-2008-4278

Weakness Enumeration

Related Identifiers

Affected Products

References · 11