5
CVE-2006-2481
- EPSS 7.06%
- Veröffentlicht 31.07.2006 19:04:00
- Zuletzt bearbeitet 16.06.2026 22:25:06
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
VMware ESX Server 2.0.x before 2.0.2 and 2.x before 2.5.2 patch 4 stores authentication credentials in base 64 encoded format in the vmware.mui.kid and vmware.mui.sid cookies, which allows attackers to gain privileges by obtaining the cookies using attacks such as cross-site scripting (CVE-2005-3619).
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 7.06% | 0.934 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://kb.vmware.com/kb/2118366
http://secunia.com/advisories/21230
http://www.securityfocus.com/archive/1/441825/100/100/threaded
http://www.vupen.com/english/advisories/2006/3075
http://www.securityfocus.com/bid/19249
http://www.corsaire.com/advisories/c060512-001.txt
http://www.securityfocus.com/archive/1/441728/100/100/threaded