LDAP Authentication Bypass in VMware vCenter Server
CVE-2013-3107

Currently unrated

Key Information:

Vendor
Vmware
Vendor
CVE Published:
1 May 2013

Summary

VMware vCenter Server 5.1 prior to Update 1 is susceptible to an authentication bypass vulnerability due to the misuse of anonymous LDAP binding for Active Directory. This flaw allows remote attackers to gain unauthorized access by submitting a valid username with an empty password, thereby circumventing standard authentication mechanisms.

References

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.