VMware vCenter Update Manager Directory Traversal (VMSA-2011-0014)

Severity: High | Nessus Plugin ID 56958

Synopsis

An application on the remote web server has a directory traversal vulnerability.

Description

The version of Jetty web server included with VMware vCenter Update Manager on the remote host has a directory traversal vulnerability.
This is a variant of the issue previously addressed by VMware advisory VMSA-2010-0012.

The web server runs as SYSTEM by default. A remote, unauthenticated attacker could exploit this to read arbitrary files from the host.

Solution

Upgrade to vCenter Update Manager 4.1 Update 2 / 4.0 Update 4 or later.

See Also

http://web.archive.org/web/20160412032437/http://dsecrg.com/pages/vul/show.php?id=342

https://www.vmware.com/security/advisories/VMSA-2011-0014.html

Plugin Details

Severity: High

ID: 56958

File Name: vmware_vcenter_update_mgr_vmsa-2011-0014.nasl

Version: 1.16

Type: remote

Family: CGI abuses

Published: 11/28/2011

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.5

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Information

CPE: cpe:/a:vmware:vcenter_update_manager

Required KB Items: www/vcenter_update_mgr

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Patch Publication Date: 11/17/2011

Vulnerability Publication Date: 11/17/2011

Reference Information

CVE: CVE-2011-4404

BID: 50723

VMSA: 2011-0014