Title

Multiple Vulnerabilities in VMware vCenter Server 4.1 (Cat I impact)

Discussion

VMware has released a security advisory addressing multiple vulnerabilities affecting VMware vCenter Server 4.1. To exploit these vulnerabilities, an attacker would utilize various TTPs (Tactics, Techniques and Procedures). Successful exploitation of the most serious of these vulnerabilities would result in the complete compromise of affected systems.

Check Content

See IAVM notice and vendor bulletin for additional information. Vulnerable Applications/Systems: vCenter Server 4.1 without Update 3 Verify the application's version number by using Help, About or similar menu selections. Ensure the Application/System version is at least the version listed below. vCenter Server 4.1 Update 3 Windows - Alternately, verify the version through the Support information link for the program in Add or Remove Programs or Programs and Features (Vista Forward). To expose the version column in Programs and Features right click somewhere in the column headers, select More and select Version.

Fix Text

Additional Identifiers

Rule ID:

Vulnerability ID: V-33793

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.