CVE-2010-2928 — Vmware Vcenter Server vulnerability

CWE-2553 documents3 sources

Severity

2.1LOWNVD

EPSS

0.1%

top 81.25%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Vcenter Server

Timeline

PublishedFeb 16

Latest updateMay 14

Description

The vCenter Tomcat Management Application in VMware vCenter Server 4.1 before Update 1 stores log-on credentials in a configuration file, which allows local users to gain privileges by reading this file.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

▶NVDvmware/vcenter_server4.1

🔴Vulnerability Details

GHSA

GHSA-328f-8262-r864: The vCenter Tomcat Management Application in VMware vCenter Server 4↗2022-05-14

▶

CVEList

CVE-2010-2928: The vCenter Tomcat Management Application in VMware vCenter Server 4↗2011-02-16

▶