Lucene search
HistoryMay 01, 2013 - 12:00 p.m.
CVE-2013-3107
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.9 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
48.1%
VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass authentication by providing a valid username in conjunction with an empty password.
Affected configurations
Node
vmwarevcenter_server_applianceMatch5.0
Related
cve
cve
CVE-2013-3107
2022-10-03 16:14:46
cvelist
cvelist
CVE-2013-3107
2022-10-03 16:14:46
prion
prion
Authentication flaw
2013-05-01 12:00:00
openvas
openvas
VMware Security Updates for vCenter Server (VMSA-2013-0006)
2014-01-09 00:00:00
VMware Security Updates for vCenter Server (VMSA-2013-0006)
2014-01-09 00:00:00
nessus
nessus
VMware Security Updates for vCenter Server (VMSA-2013-0006)
2013-04-30 00:00:00
vmware
vmware
VMware security updates for vCenter Server
2013-04-25 00:00:00
VMware security updates for vCenter Server
2013-04-25 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.9 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
48.1%
Related for NVD:CVE-2013-3107