Описание
VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote attackers to trigger the downloading and execution of an arbitrary program via unspecified vectors.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:vmware:vsphere_client:4.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vsphere_client:4.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vsphere_client:5.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vsphere_client:5.1:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.04133
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
больше 3 лет назад
VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote attackers to trigger the downloading and execution of an arbitrary program via unspecified vectors.
EPSS
Процентиль: 88%
0.04133
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-20