Access Control Vulnerability in VMware VirtualCenter by VMware
CVE-2008-3514

Currently unrated

Key Information:

Vendor
Vmware
Vendor
CVE Published:
13 August 2008

Summary

VMware VirtualCenter versions prior to Update 2 for 2.5 and Update 5 for 2.0.2 contain an access control vulnerability that relies on client-side functionality for user permission management. This flaw enables remote attackers to uncover valid usernames by manipulating GUI features and attempting to assign permissions, potentially leading to unauthorized actions within the system.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.