CVE-2012-1513

Currently unrated

Key Information:

Vendor: Vmware
Status: Vcenter Orchestrator
Vendor: CVE Published:; 16 March 2012

Summary

The Web Configuration tool in VMware vCenter Orchestrator (vCO) 4.0 before Update 4, 4.1 before Update 2, and 4.2 before Update 1 places the vCenter Server password in an HTML document, which allows remote authenticated administrators to obtain sensitive information by reading this document.

References

http://www.securityfocus.com/bid/52525

vdb-entryx_refsource_BID

http://secunia.com/advisories/48408

third-party-advisoryx_refsource_SECUNIA

http://osvdb.org/80120

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Mar 16, 2012
Vulnerability Reserved
Mar 8, 2012