CVE-2015-1047 — Improper Input Validation in Vmware Vcenter Server

CWE-20 — Improper Input Validation5 documents5 sources

Severity

5.0MEDIUMNVD

EPSS

2.9%

top 13.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Vmware Vcenter Server

Timeline

PublishedOct 12

Latest updateMay 14

Description

vpxd in VMware vCenter Server 5.0 before u3e, 5.1 before u3, and 5.5 before u2 allows remote attackers to cause a denial of service via a long heartbeat message.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDvmware/vcenter_server5.0, 5.1, 5.5+2

Patches

Patch: www.vmware.com ↗Patch: www.vmware.com ↗

🔴Vulnerability Details

GHSA

GHSA-296x-83m2-v73h: vpxd in VMware vCenter Server 5↗2022-05-14

▶

CVEList

CVE-2015-1047: vpxd in VMware vCenter Server 5↗2015-10-12

▶

💥Exploits & PoCs

Exploit-DB

AlegroCart 1.2.8 - Local/Remote File Inclusion↗2015-11-16

▶

💬Community

Bugzilla

perl-DBD-Firebird: buffer overflow in error messages handling in IB_SQLtimeformat()↗2015-03-30

▶