6.8
CVE-2013-5971
- EPSS 2.02%
- Veröffentlicht 21.10.2013 10:54:30
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Session fixation vulnerability in the vSphere Web Client Server in VMware vCenter Server 5.0 before Update 3 allows remote attackers to hijack web sessions and gain privileges via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VMware ≫ vCenter Server Updateupdate_2_rc Version <= 5.0
VMware ≫ vCenter Server Version4.0.0.10021
VMware ≫ vCenter Server Version4.0.0.12305
VMware ≫ vCenter Server Version4.1
VMware ≫ vCenter Server Version4.1.0.12319
VMware ≫ vCenter Server Version4.1.0.14766
VMware ≫ vCenter Server Version4.1.0.17435
VMware ≫ vCenter Server Version5.0
VMware ≫ vCenter Server Version5.0 Updateupdate_1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.02% | 0.785 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://www.vmware.com/security/advisories/VMSA-2013-0012.html
http://osvdb.org/98718
http://www.securityfocus.com/bid/63218
https://exchange.xforce.ibmcloud.com/vulnerabilities/88134