LDAP Authentication Bypass in VMware vCenter Server
CVE-2013-3107

Currently unrated

Key Information:

Vendor: Vmware
Status: Vcenter Server Appliance
Vendor: CVE Published:; 1 May 2013

What is CVE-2013-3107?

VMware vCenter Server 5.1 prior to Update 1 is susceptible to an authentication bypass vulnerability due to the misuse of anonymous LDAP binding for Active Directory. This flaw allows remote attackers to gain unauthorized access by submitting a valid username with an empty password, thereby circumventing standard authentication mechanisms.

References

http://www.vmware.com/security/advisories/VMSA-2013-0006....

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
May 1, 2013

Vmware

What is CVE-2013-3107?

References

Timeline