CVE-2010-2928 - OpenCVE

The vCenter Tomcat Management Application in VMware vCenter Server 4.1 before Update 1 stores log-on credentials in a configuration file, which allows local users to gain privileges by reading this file.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Vmware	Vcenter Server

Configuration 1 [-]

cpe:2.3:a:vmware:vcenter_server:4.1:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://osvdb.org/70859
http://secunia.com/advisories/43307
http://securityreason.com/securityalert/8079
http://www.securityfocus.com/archive/1/516397/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-02-16T00:00:00

Updated: 2024-08-07T02:46:48.992Z

Reserved: 2010-08-02T00:00:00

Link: CVE-2010-2928

Vulnrichment

No data.

NVD

Status : Modified

Published: 2011-02-16T01:00:02.337

Modified: 2018-10-10T20:00:21.797

Link: CVE-2010-2928

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-02-10T00:00:00", "descriptions": [{"lang": "en", "value": "The vCenter Tomcat Management Application in VMware vCenter Server 4.1 before Update 1 stores log-on credentials in a configuration file, which allows local users to gain privileges by reading this file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "70859", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/70859"}, {"name": "43307", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/43307"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"}, {"name": "8079", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8079"}, {"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-2928", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The vCenter Tomcat Management Application in VMware vCenter Server 4.1 before Update 1 stores log-on credentials in a configuration file, which allows local users to gain privileges by reading this file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "70859", "refsource": "OSVDB", "url": "http://osvdb.org/70859"}, {"name": "43307", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43307"}, {"name": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"}, {"name": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"}, {"name": "8079", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8079"}, {"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T02:46:48.992Z"}, "title": "CVE Program Container", "references": [{"name": "70859", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/70859"}, {"name": "43307", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/43307"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"}, {"name": "8079", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8079"}, {"name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-2928", "datePublished": "2011-02-16T00:00:00", "dateReserved": "2010-08-02T00:00:00", "dateUpdated": "2024-08-07T02:46:48.992Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}