Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
VMWare VirtualCenter client 2.x before 2.0.1 Patch 1 (Build 33643) and 1.4.x before 1.4.1 Patch 1 (Build 33425), when server certificate verification is enabled, does not verify the server's X.509 certificate when creating an SSL session, which allows remote malicious servers to spoof valid servers via a man-in-the-middle attack.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
VMware VirtualCenter SSL会话中间人攻击漏洞
Vulnerability Description
VirtualCenter是VMware的虚拟服务器管理系统。 VirtualCenter客户端在处理SSL连接的认证时存在漏洞,远程攻击者可能利用此漏洞通过中间人攻击劫持会话或窃听信息。VirtualCenter客户端在初始化SSL握手期间没有验证服务端的x.509证书,攻击者通过中间人攻击创建不安全的信任关系。
CVSS Information
N/A
Vulnerability Type
N/A