CVE-2008-4278

Published Oct 6, 2008

Last updated 6 years ago

CVSS info 2.1

Overview

Description: VMware VirtualCenter 2.5 before Update 3 build 119838 on Windows displays a user's password in cleartext when the password contains unspecified special characters, which allows physically proximate attackers to steal the password.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:vmware:virtual_infrastructure_client:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9A303926-5369-413E-93AB-FF3337B790D9"
          },
          {
            "criteria": "cpe:2.3:a:vmware:virtualcenter:*:update_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A5B6A72-ACC7-4320-BD95-F555ACE3B71B",
            "versionEndIncluding": "2.5"
          },
          {
            "criteria": "cpe:2.3:a:vmware:virtualcenter:1.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CE3C34C-EC77-4C5B-8B0C-130BAF2776D4"
          },
          {
            "criteria": "cpe:2.3:a:vmware:virtualcenter:2.0:unknown:client:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "65811F69-FE15-44EB-A6BD-DAC10698047D"
          },
          {
            "criteria": "cpe:2.3:a:vmware:virtualcenter:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B422C79D-ACB5-4650-9542-0AA562296286"
          },
          {
            "criteria": "cpe:2.3:a:vmware:virtualcenter:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDFF5385-64AA-48AD-A5FE-25918E4F07D6"
          },
          {
            "criteria": "cpe:2.3:a:vmware:virtualcenter:2.0.2:update_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E15CB55D-DE86-4A1F-90E8-BEC3ABBF256B"
          },
          {
            "criteria": "cpe:2.3:a:vmware:virtualcenter:2.0.2:update_3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CE6C817-1129-4570-9F04-1FC7EA42FBA5"
          },
          {
            "criteria": "cpe:2.3:a:vmware:virtualcenter:2.0.2:update_4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "181F6A06-A95F-401D-B835-F630722064F4"
          },
          {
            "criteria": "cpe:2.3:a:vmware:virtualcenter:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D17E8DFD-AC99-45E6-81F9-ED66369FBD0A"
          },
          {
            "criteria": "cpe:2.3:a:vmware:virtualcenter:2.5:update_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3AB56C1-35F2-448D-9EB7-35FB4E00C227"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References