PT-2009-3171 · Vmware · Vmware Virtualcenter+1

Craig Marshall

Published

2009-04-06

Updated

2017-09-29

CVE-2009-0518

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions VMware VirtualCenter versions prior to 2.5 Update 4 VMware ESXi versions prior to 3.5 Update 4 VMware ESX versions prior to 3.5 Update 4

Description The issue allows local users to potentially obtain the VirtualCenter Server password, as it is retained in process memory.

Recommendations For VMware VirtualCenter versions prior to 2.5 Update 4, update to version 2.5 Update 4 or later. For VMware ESXi versions prior to 3.5 Update 4, update to version 3.5 Update 4 or later. For VMware ESX versions prior to 3.5 Update 4, update to version 3.5 Update 4 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2009-0518

Affected Products

Vmware Esxi

Vmware Virtualcenter

PT-2009-3171 · Vmware · Vmware Virtualcenter+1

CVE-2009-0518

Weakness Enumeration

Related Identifiers

Affected Products

References · 9