VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass authentication by providing a valid username in conjunction with an empty password.
References
Link | Resource |
---|---|
http://www.vmware.com/security/advisories/VMSA-2013-0006.html | Vendor Advisory |
Configurations
Information
Published : 2013-05-01 05:00
Updated : 2013-05-01 05:00
NVD link : CVE-2013-3107
Mitre link : CVE-2013-3107
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
vmware
- vcenter_server_appliance