CVE-2014-1210CVE-2014-1210

Affected configuration(s):

cpe:/a:vmware:vsphere_client:5.0
cpe:/a:vmware:vsphere_client:5.1

Date published: 2014-04-11T15:55:04.510-04:00

Date last modified: 2014-04-14T12:58:12.650-04:00

CVSS Score: 5.8

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://www.vmware.com/security/advisories/VMSA-2014-0003.html

Summary: VMware vSphere Client 5.0 before Update 3 and 5.1 before Update 2 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.