CVE-2013-3079

CWE-94 — Code Injection3 documents3 sources

Severity

9.0CRITICAL

EPSS

0.5%

top 35.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Vcenter Server Appliance

Timeline

PublishedMay 1

Latest updateMay 17

Description

VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to execute arbitrary programs with root privileges by leveraging Virtual Appliance Management Interface (VAMI) access.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

▶NVDvmware/vcenter5.1

🔴Vulnerability Details

GHSA

GHSA-cp8m-fj8q-88fm: VMware vCenter Server Appliance (vCSA) 5↗2022-05-17

▶

CVEList

CVE-2013-3079: VMware vCenter Server Appliance (vCSA) 5↗2013-05-01

▶