6.3 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
29.4%
VMware vCenter Server 5.5 before u3 and 6.0 before u1 does not verify X.509 certificates from TLS LDAP servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
www.securitytracker.com/id/1033582
www.vmware.com/security/advisories/VMSA-2015-0006.html