Lucene search
HistorySep 18, 2015 - 10:59 p.m.
CVE-2015-6932
vmware
vcenter
server
tls
ldap
certificate
verification
security
vulnerability
nvd
cve-2015-6932
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
5.9 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
29.4%
VMware vCenter Server 5.5 before u3 and 6.0 before u1 does not verify X.509 certificates from TLS LDAP servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Affected configurations
Node
vmwarevcenter_serverMatch5.5-
ORvmwarevcenter_serverMatch5.51
ORvmwarevcenter_serverMatch5.51a
ORvmwarevcenter_serverMatch5.51b
ORvmwarevcenter_serverMatch5.51c
ORvmwarevcenter_serverMatch5.52
ORvmwarevcenter_serverMatch5.52b
ORvmwarevcenter_serverMatch5.52d
ORvmwarevcenter_serverMatch5.52e
ORvmwarevcenter_serverMatch6.0-
ORvmwarevcenter_serverMatch6.0a
ORvmwarevcenter_serverMatch6.0b
| CPE | Name | Operator | Version |
|---|---|---|---|
| vmware:vcenter_server | vmware vcenter server | eq | 5.5 |
| vmware:vcenter_server | vmware vcenter server | eq | 6.0 |
Related
vmware
vmware
VMware vCenter Server updates address a LDAP certificate validation issue
2015-09-16 00:00:00
VMware vCenter Server updates address a LDAP certificate validation issue
2015-09-16 00:00:00
nessus
nessus
cvelist
cvelist
CVE-2015-6932
2015-09-18 22:00:00
kaspersky
kaspersky
KLA10665 Obtain sensitive information vulnerability in VMware vCenter Server
2015-09-16 00:00:00
prion
prion
Design/Logic Flaw
2015-09-18 22:59:00
nvd
nvd
CVE-2015-6932
2015-09-18 22:59:09
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
5.9 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
29.4%
Related for CVE-2015-6932