XML Parsing Vulnerability in VMware vCenter Server Appliance by VMware
CVE-2012-6325

Currently unrated

Key Information:

Vendor: Vmware
Status: Vcenter Server Appliance
Vendor: CVE Published:; 21 December 2012

Summary

The VMware vCenter Server Appliance (vCSA) version 5.0 prior to Update 2 contains a vulnerability in its XML document parsing functionality. This flaw permits remote authenticated users to read arbitrary files on the server, potentially exposing sensitive information. As such, it poses a risk to the integrity and confidentiality of data managed by the vCenter Server Appliance. Administrators are urged to apply updates and consult security advisories to mitigate risks associated with this vulnerability.

References

http://www.vmware.com/security/advisories/VMSA-2012-0018....

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 21, 2012