CVE-2017-4928

Published Nov 17, 2017

Last updated 6 years ago

CVSS high 7.5

Overview

Description: The flash-based vSphere Web Client (6.0 prior to 6.0 U3c and 5.5 prior to 5.5 U3f) i.e. not the new HTML5-based vSphere Client, contains SSRF and CRLF injection issues due to improper neutralization of URLs. An attacker may exploit these issues by sending a POST request with modified headers towards internal services leading to information disclosure.
Source: security@vmware.com
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-352

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B12523A-5C1E-408F-BB4B-98EF32C7D676"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C06379AA-13C0-41FB-B63C-0C46D6DD0462"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:1a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C0080A4-A72E-4F7F-AB4C-168F957EAE4B"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:1b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26AAFC76-9CB6-4F22-880C-0102BECEE04C"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:1c:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD83F1CE-CD2A-49B3-858D-8CE3F715DC40"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8339BAB3-D6C9-426A-9C1D-9F2AB946BF96"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:2b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDA978D2-DEA4-4EC9-8945-A6AEA5AA87BE"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:2d:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "455C1162-56F5-457A-97D1-B98CFD5F27CE"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:2e:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6B794EE-70C2-4271-B946-202AB21CA477"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDE11C9F-D31E-4E9F-ABC6-FFA1BD56DEEE"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:3a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "23D847E4-5869-476A-B85F-29D8D5FDB68D"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:3b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F8CC145-0D3F-4E42-BA46-403586EC608A"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:3d:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "279E7753-5CA1-4622-8B9E-10FF3004941B"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:3e:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE7A5CA2-6F73-4250-B3C8-DCA0F34AB405"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "551415D9-20A2-4F1B-A954-ED97849FBD29"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:5.5:c:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12EED8B4-FC24-4E6A-A6ED-4BF10B65C049"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7499E57A-1F9C-45F0-93F8-F3FB7B0F990F"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:6.0:1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43BEE461-85B7-4C19-8FBA-4460186DC58A"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:6.0:1b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8249B2E-251F-4ED9-836F-E5D4C90D4EA6"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:6.0:2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED78D4B1-5959-46F1-8DEE-7DE3BE38BAE3"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:6.0:2a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04B290DB-03A4-4BA0-93FE-4BD9BC5ED8BB"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:6.0:2m:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C722953-08D7-4763-84CB-144D40D99EAC"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:6.0:3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D97ADC1A-5382-4CA0-AA1F-B460205B397C"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:6.0:3a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22F7C55C-877C-4DA2-869D-96FAA7527C1F"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:6.0:3b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01214586-9344-4CB7-BE76-174EA3234654"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:6.0:a:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74EE8EE5-54F0-4359-898B-C57C5B2AE7C4"
          },
          {
            "criteria": "cpe:2.3:a:vmware:vcenter_server:6.0:b:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F83AAB8E-F129-4D1C-A4BC-4CC2C1777F5F"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References