{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do not properly implement the management authentication protocol, which allow remote servers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-02-15T11:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2013-0001.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-1405", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do not properly implement the management authentication protocol, which allow remote servers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.vmware.com/security/advisories/VMSA-2013-0001.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2013-0001.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:57:05.140Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/security/advisories/VMSA-2013-0001.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-1405", "datePublished": "2013-02-15T11:00:00Z", "dateReserved": "2013-01-19T00:00:00Z", "dateUpdated": "2024-09-17T03:38:50.720Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:vcenter_server:4.0:update_4:*:*:*:*:*:*", "matchCriteriaId": "8BDBAABE-D43C-491B-A3D2-8A625A8524E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server:4.1:update_3:*:*:*:*:*:*", "matchCriteriaId": "05AA5E52-299B-4B2A-AB6C-909005831AD5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:virtualcenter:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "D17E8DFD-AC99-45E6-81F9-ED66369FBD0A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:vsphere_client:4.0:update_4:*:*:*:*:*:*", "matchCriteriaId": "D07E4CB7-7337-454A-8088-ADD06CDF39A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vsphere_client:4.1:update_3:*:*:*:*:*:*", "matchCriteriaId": "ECE82311-7CA2-4E73-8EDB-AE399E14A860", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:vi-client:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "671C0883-F9AE-45F9-9632-4373A4E93E80", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:vmware:esxi:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "FAE88D8C-9CC3-46D1-9F26-290BC679F47E", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:3.5:1:*:*:*:*:*:*", "matchCriteriaId": "58ED8AB4-0FDF-4752-B44E-56F58593CE41", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "13771B15-CD71-472A-BE56-718B87D5825D", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:4.0:1:*:*:*:*:*:*", "matchCriteriaId": "0A4E41C0-31FA-47AA-A9BF-B9A6C1D44801", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:4.0:2:*:*:*:*:*:*", "matchCriteriaId": "AF016EE7-083A-4D62-A6D4-2807EB47B6DB", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:4.0:3:*:*:*:*:*:*", "matchCriteriaId": "8F11844A-3C6C-4AA5-87DC-979AFF62867A", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:4.0:4:*:*:*:*:*:*", "matchCriteriaId": "AC463653-A599-45CF-8EA9-8854D5C59963", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "4BDE707D-A1F4-4829-843E-F6633BB84D6D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "BFF29100-E124-4416-95CF-18B4246D43F2", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esx:3.5:update1:*:*:*:*:*:*", "matchCriteriaId": "37A5D726-3D38-44D5-B509-1B8B003903A0", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esx:3.5:update2:*:*:*:*:*:*", "matchCriteriaId": "A4DA3B20-A743-4F37-A095-65161FFBEB73", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esx:3.5:update3:*:*:*:*:*:*", "matchCriteriaId": "FF7C3C65-BE63-407E-9CFD-E571025C3E79", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "BC337BB7-9A45-4406-A783-851F279130EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "0B6BA46F-4E8C-4B2A-AE92-81B9F1B4D56C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do not properly implement the management authentication protocol, which allow remote servers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors."}, {"lang": "es", "value": "VMware vCenter Server v4.0 anteriormente Update v4b y v4.1 anteriormente Update v3a, VMware VirtualCenter v2.5, VMware vSphere Client v4.0 anteriormente Update v4b y 4.1 anteriormente Update v3a, VMware VI-Client v2.5, VMware ESXi v3.5 hasta v4.1, y VMware ESX v3.5 hasta v4.1 no implementa correctamente el protocolo de gesti\u00f3n de autentificaci\u00f3n, el cual permite a servidores remotos ejecutar c\u00f3digo o causar una denegaci\u00f3n de servicios en la memoria corrupta por vectores sin especificar."}], "id": "CVE-2013-1405", "lastModified": "2024-11-21T01:49:30.703", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-02-15T12:09:29.227", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2013-0001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2013-0001.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}