CVE-2005-3620
published 2005-12-31CVE-2005-3620: The management interface for VMware ESX Server 2.0.x before 2.0.2 patch 1, 2.1.x before 2.1.3 patch 1, and 2.x before 2.5.3 patch 2 records passwords in…
low2.1CVSS 3.1
AVLACLAuNCPINAN
The management interface for VMware ESX Server 2.0.x before 2.0.2 patch 1, 2.1.x before 2.1.3 patch 1, and 2.x before 2.5.3 patch 2 records passwords in cleartext in URLs that are stored in world-readable web server log files, which allows local users to gain privileges.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| emc | vmware_server | <= 1.0.4_build_56528 | — |
| vmware | esx | >= 2.0.1 < 2.0.2 | 2.0.2 |
| vmware | esx | >= 2.1.1 < 2.1.3 | 2.1.3 |
| vmware | esx | >= 2.5.2 < 2.5.3 | 2.5.3 |