BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

VMware vCenter and ESX Multiple Vulnerabilities

Disclosed April 25, 2013    Partially Patched, Zeroday

Vulnerability Description:

VMware vCenter and ESX contain multiple vulnerabilities, including a failure to properly verify login credentials in Active Directory with anonymous LDAP binding (vCenter only) and a vulnerable version of Java (vCenter and ESX). Successful exploitation of these vulnerabilities may lead to information disclosure, denial of service, or remote code execution.

Vendors:

VMware

Vulnerable Software/Devices:

VMware vCenter 4.1
VMware ESX 4.1

Vulnerability Severity:

High

Exploit Availability:

No Exploit Available

Exploit Impact:

Remote Code Execution
Exploitation of these vulnerabilities is possible via multiple different vectors. Attackers who successfully exploit these vulnerabilities will be able to execute code on the vulnerable system, possibly allowing the attacker full control of the target system.

BeyondTrust Prevention and Detection:

BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.

  • 18956 - VMware vCenter Server Products Multiple Vulnerabilities (20130426) - vCenter 5.1
  • 31125 - VMWare Products Multiple Vulnerabilities (20131018) - vCenter Server 5.0
  • 18958 - VMware ESX Java Multiple Vulnerabilities (Zero-Day)
  • 18961 - VMware vCenter Server Products Multiple Vulnerabilities (Zero-Day) - vCenter 4.1

Mitigation:

Install the available patch for vCenter 5.1 and 5.0; otherwise, no mtigiation is currently available. 

Links:

CVE(s):