Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before Update 3, and 5.0 before Update 3c does not properly validate certificates when connecting to a CIM Server on an ESXi host, which allows man-in-the-middle attackers to spoof CIM servers via a crafted certificate.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
VMware vCenter Server Appliance 加密问题漏洞
Vulnerability Description
VMware vCenter Server Appliance(vCSA)是美国威睿(VMware)公司的一套服务器和虚拟化管理软件。该软件提供了一个用于管理VMware vSphere环境的集中式平台。 VMware vCSA中存在安全漏洞,该漏洞源于程序与ESXi主机上的CIM服务器连接时,没有正确验证证书。攻击者可借助特制的证书利用该漏洞实施中间人攻击,伪造数据,欺骗CIM服务器。以下版本受到影响:VMware vCSA Update 2之前5.5版本,Update 3之前5.1版本,Update
CVSS Information
N/A
Vulnerability Type
N/A