CVE-2013-1405
Description
VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do not properly implement the management authentication protocol, which allow remote servers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Risk Information
Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.902
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2013-1405,CVE-2013-1659 are affected in VMware vCenter 4.0-update_4 | Windows |
| Vulnerabilities CVE-2013-1405 are affected in VMware vCenter 4.1-update_3 | Windows |
| Vulnerabilities CVE-2013-1405,CVE-2014-1209 are affected in VMware VSphere CLI (x64) 4.0 | Windows |
| Vulnerabilities CVE-2013-1405 are affected in VMware VSphere CLI (x64) 4.0-update_4 | Windows |
| Vulnerabilities CVE-2013-1405,CVE-2014-1209 are affected in VMware VSphere CLI (x64) 4.1 | Windows |
| Vulnerabilities CVE-2013-1405 are affected in VMware VSphere CLI (x64) 4.1-update_3 | Windows |
| Vulnerabilities CVE-2013-1405,CVE-2013-1659 are affected in VMware vCenter Server 4.0-update_4 | Windows |
| Vulnerabilities CVE-2013-1405 are affected in VMware vCenter Server 4.1-update_3 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234