CVE-2017-4927LDAP Injection in Vmware Vcenter Server

CWE-90LDAP Injection3 documents3 sources
Severity
7.5HIGHNVD
EPSS
1.4%
top 19.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Vmware Vcenter Server
Timeline
PublishedNov 17
Latest updateMay 17

Description

VMware vCenter Server (6.5 prior to 6.5 U1 and 6.0 prior to 6.0 U3c) does not correctly handle specially crafted LDAP network packets which may allow for remote denial of service.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDvmware/vcenter_server6.06.0_u3c+1
CVEListV5vmware/vcenter_server6.0 prior to 6.0 U3c, 6.5 prior to 6.5 U1+1

🔴Vulnerability Details

2
GHSA
GHSA-wrgq-9j5m-mw73: VMware vCenter Server (62022-05-17
CVEList
CVE-2017-4927: VMware vCenter Server (62017-11-17
CVE-2017-4927 — LDAP Injection in Vmware Vcenter Server | cvebase