CVE-2008-4278

CWE-200Information Exposure3 documents3 sources
Severity
2.1LOW
EPSS
0.1%
top 81.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Vmware Virtualcenter
Timeline
PublishedOct 6
Latest updateMay 2

Description

VMware VirtualCenter 2.5 before Update 3 build 119838 on Windows displays a user's password in cleartext when the password contains unspecified special characters, which allows physically proximate attackers to steal the password.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

Patches

Patch: www.vmware.comPatch: www.vmware.com

🔴Vulnerability Details

2
GHSA
GHSA-cg7x-wpjc-28wr: VMware VirtualCenter 22022-05-02
CVEList
CVE-2008-4278: VMware VirtualCenter 22008-10-06
CVE-2008-4278 (LOW CVSS 2.1) | VMware VirtualCenter 2.5 before Upd | cvebase.io