Remote Code Execution Vulnerability in VMware vCenter Chargeback Manager
CVE-2013-3520

Currently unrated

Key Information:

Vendor: Vmware
Status: Vcenter Chargeback Manager
Vendor: CVE Published:; 17 June 2013

What is CVE-2013-3520?

VMware vCenter Chargeback Manager prior to version 2.5.1 has a vulnerability that permits attackers to upload malicious files, potentially leading to the execution of arbitrary code. This security flaw arises from improper handling of file uploads, exposing systems to unauthorized access and manipulation. Users are highly encouraged to update to the latest version to mitigate this risk.

References

http://www.vmware.com/security/advisories/VMSA-2013-0008....

x_refsource_CONFIRM

EPSS Score

81% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 17, 2013

Vmware

What is CVE-2013-3520?

References

EPSS Score

Timeline