VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability due to the logging of credentials in plain-text for virtual machines deployed through OVF. A malicious user with access to the log files containing vCenter OVF-properties of a virtual machine deployed from an OVF may be able to view the credentials used to deploy the OVF (typically the root account of the virtual machine).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: vmware
Published: 2019-09-18T20:32:36
Updated: 2024-08-04T20:01:51.489Z
Reserved: 2019-01-07T00:00:00
Link: CVE-2019-5532
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-09-18T21:15:13.313
Modified: 2022-04-22T19:30:36.723
Link: CVE-2019-5532
Redhat
No data.