VMware vCenter Multiple Vulnerabilities (VMSA-2012-0013)

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.


Synopsis :

The remote host has a virtualization management application installed
that is affected by multiple vulnerabilities.

Description :

The version of VMware vCenter installed on the remote host is 4.0
earlier than Update 4a, 4.1 earlier than Update 3, or 5.0 earlier than
Update 2. As such, it is potentially affected by multiple
vulnerabilities in the included Oracle (Sun) Java Runtime
Environment.

See also :

http://www.vmware.com/security/advisories/VMSA-2012-0013.html
http://lists.vmware.com/pipermail/security-announce/2012/000197.html

Solution :

Upgrade to VMware vCenter Server 4.0 Update 4a / 4.1 Update 3 / 5.0
Update 2 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial