WebAccess Vulnerability in VMware Products
CVE-2010-0686
Currently unrated
Summary
The WebAccess component in various VMware products contains a vulnerability that allows remote attackers to exploit the proxy-server functionality. By crafting specific requests, an attacker can spoof the origin of these requests, potentially leading to unauthorized access or other malicious activities. The affected versions include VMware VirtualCenter 2.0.2, 2.5, Server 2.0, and ESX versions 3.0.3 and 3.5. Prompt application of the relevant security advisories is recommended to mitigate associated risks.
References
Timeline
Vulnerability published
Vulnerability Reserved