#VU7641 Information disclosure in vCenter Server
Vulnerability identifier: #VU7641
Vulnerability risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-200
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
vCenter Server
Server applications /
Virtualization software
Vendor: VMware, Inc
Description
The vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to improper security restrictions that are set on the vCenter Server Appliance file-based backup feature. A remote attacker can use the file-based backup feature to access important data, such as plaintext credentials, that may be used to conduct further attack.
Successful exploitation of the vulnerability results in information disclosure.
Mitigation
Update to version 6.5 U1.
Vulnerable software versions
vCenter Server: 6.5.0
External links
http://www.vmware.com/security/advisories/VMSA-2017-0013.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
