VMware VirtualCenter Client Vulnerability: SSL Session Management Flaw
CVE-2006-5990

Currently unrated

Key Information:

Vendor
Vmware
Vendor
CVE Published:
21 November 2006

Summary

The VMware VirtualCenter client has a vulnerability that arises from improper server certificate verification when creating SSL sessions. This flaw allows malicious remote servers to spoof valid servers, enabling potential man-in-the-middle attacks. This can compromise sensitive data by intercepting and altering communications between clients and servers. Users of affected versions should take immediate action to apply the recommended patches to mitigate this risk.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.