PT-2011-1384 · Vmware · Vmware Vcenter Server+1

Claudio Criscione

Published

2011-02-16

Updated

2018-10-10

CVE-2010-2928

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions VMware vCenter Server version 4.1 before Update 1

Description The issue concerns the storage of log-on credentials in a configuration file by the vCenter Tomcat Management Application. This allows local users to gain privileges by reading the file, potentially leading to unauthorized access.

Recommendations For VMware vCenter Server version 4.1 before Update 1, apply Update 1 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2010-2928

Affected Products

Vmware Vcenter

Vmware Vcenter Server

PT-2011-1384 · Vmware · Vmware Vcenter Server+1

CVE-2010-2928

Weakness Enumeration

Related Identifiers

Affected Products

References · 8