Computer Security
[EN] securityvulns.ru no-pyccku


VMWare VirtualCenter information leak
Published:15.08.2008
Source:
SecurityVulns ID:9223
Type:remote
Threat Level:
4/10
Description:It's possible to obtain username information.
Affected:VMWARE : VirtualCenter 2.0
 VMWARE : VirtualCenter 2.5
CVE:CVE-2008-3514 (VMware VirtualCenter 2.5 before Update 2 and 2.0.2 before Update 5 relies on client-side "enabled/disabled functionality" for access control, which allows remote attackers to determine valid user names by enabling functionality in the GUI and then making an "attempt to assign permissions to other system users.")
Original documentdocumentVMWARE, VMSA-2008-0012 Updated VirtualCenter addresses User Account Disclosure Vulnerability (15.08.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod