Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*
There are 9 matching records.
Displaying matches 1 through 9.
Vuln ID Summary CVSS Severity
CVE-2014-8371

VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before Update 3, and 5.0 before Update 3c does not properly validate certificates when connecting to a CIM Server on an ESXi host, which allows man-in-the-middle attackers to spoof CIM servers via a crafted certificate.

Published: December 08, 2014; 6:59:08 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2014-3797

Cross-site scripting (XSS) vulnerability in VMware vCenter Server Appliance (vCSA) 5.1 before Update 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: December 08, 2014; 6:59:04 AM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2014-4258

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC.

Published: July 17, 2014; 7:17:10 AM -0400
V3.x:(not available)
V2.0: 6.5 MEDIUM
CVE-2014-4241

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect integrity via vectors related to WLS - Web Services.

Published: July 17, 2014; 7:17:09 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2014-3790

Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows remote authenticated users to execute arbitrary commands as root by escaping from a chroot jail.

Published: June 01, 2014; 12:29:34 AM -0400
V3.x:(not available)
V2.0: 9.0 HIGH
CVE-2013-3080

VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to create or overwrite arbitrary files, and consequently execute arbitrary code or cause a denial of service, by leveraging Virtual Appliance Management Interface (VAMI) web-interface access.

Published: May 01, 2013; 8:00:14 AM -0400
V3.x:(not available)
V2.0: 9.0 HIGH
CVE-2013-3079

VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to execute arbitrary programs with root privileges by leveraging Virtual Appliance Management Interface (VAMI) access.

Published: May 01, 2013; 8:00:14 AM -0400
V3.x:(not available)
V2.0: 9.0 HIGH
CVE-2013-1659

VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream.

Published: February 22, 2013; 3:55:01 PM -0500
V3.x:(not available)
V2.0: 7.6 HIGH
CVE-2012-6324

Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vectors.

Published: December 21, 2012; 4:55:01 PM -0500
V3.x:(not available)
V2.0: 4.0 MEDIUM