5.8

CVE-2015-6932

VMware vCenter Server 5.5 before u3 and 6.0 before u1 does not verify X.509 certificates from TLS LDAP servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Data is provided by the National Vulnerability Database (NVD)
VMwareVcenter Server Version5.5 Update-
VMwareVcenter Server Version5.5 Update1
VMwareVcenter Server Version5.5 Update1a
VMwareVcenter Server Version5.5 Update1b
VMwareVcenter Server Version5.5 Update1c
VMwareVcenter Server Version5.5 Update2
VMwareVcenter Server Version5.5 Update2b
VMwareVcenter Server Version5.5 Update2d
VMwareVcenter Server Version5.5 Update2e
VMwareVcenter Server Version6.0 Update-
VMwareVcenter Server Version6.0 Updatea
VMwareVcenter Server Version6.0 Updateb
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.17% 0.392
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.8 8.6 4.9
AV:N/AC:M/Au:N/C:P/I:P/A:N
http://www.securitytracker.com/id/1033582
Third Party Advisory
VDB Entry