Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2011-4404

Опубликовано: 19 нояб. 2011
Источник: nvd
CVSS2: 5
EPSS Высокий

Описание

The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to CVE-2009-1523.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:vmware:vcenter_update_manager:4.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_update_manager:4.0:update_1:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_update_manager:4.0:update_2:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_update_manager:4.0:update_3:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_update_manager:4.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_update_manager:4.1:update_1:*:*:*:*:*:*

EPSS

Процентиль: 99%
0.83606
Высокий

5 Medium

CVSS2

Дефекты

CWE-16

Связанные уязвимости

ubuntu логотип

CVE-2011-4404

ubuntu
около 14 лет назад

The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to CVE-2009-1523.

debian логотип

CVE-2011-4404

debian
около 14 лет назад

The default configuration of the HTTP server in Jetty in vSphere Updat ...

github логотип

GHSA-2vmm-vm8r-59c6

github
больше 3 лет назад

The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to CVE-2009-1523.

EPSS

Процентиль: 99%
0.83606
Высокий

5 Medium

CVSS2

Дефекты

CWE-16