CVE-2014-1209
Severity
9.3CRITICAL
EPSS
4.1%
top 11.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 11
Latest updateMay 17
Description
VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote attackers to trigger the downloading and execution of an arbitrary program via unspecified vectors.
CVSS vector
AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0