LDAP Authentication Bypass in VMware vCenter Server
CVE-2013-3107
Currently unrated
Summary
VMware vCenter Server 5.1 prior to Update 1 is susceptible to an authentication bypass vulnerability due to the misuse of anonymous LDAP binding for Active Directory. This flaw allows remote attackers to gain unauthorized access by submitting a valid username with an empty password, thereby circumventing standard authentication mechanisms.
References
Timeline
Vulnerability Reserved
Vulnerability published