CVE-2013-1661

CWE-20Improper Input Validation4 documents4 sources
Severity
4.3MEDIUM
EPSS
0.4%
top 41.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Vmware ESXVmware Esxi
Timeline
PublishedSep 4
Latest updateMay 17

Description

VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service (unhandled exception and application crash) by modifying the client-server data stream.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

NVDvmware/esxi4 versions+3
NVDvmware/esx4.0, 4.1+1

🔴Vulnerability Details

2
GHSA
GHSA-x84p-w2wx-9hf2: VMware ESXi 42022-05-17
CVEList
CVE-2013-1661: VMware ESXi 42013-09-04

💬Community

1
Bugzilla
CVE-2013-2561 ibutils: insecure handling of files in the /tmp directory2013-03-25
CVE-2013-1661 (MEDIUM CVSS 4.3) | VMware ESXi 4.0 through 5.1 | cvebase.io