This script is Copyright (C) 2016 Tenable Network Security, Inc.
A virtualization management application installed on the remote host
is affected by an HTTP header injection vulnerability.
The version of VMware vCenter Server installed on the remote host is
6.0.x prior to 6.0u2. It is, therefore, affected by an HTTP header
injection vulnerability due to improper sanitization of user-supplied
input. A remote attacker can exploit this to inject arbitrary HTTP
headers and conduct HTTP response splitting attacks.
See also :
Upgrade to VMware vCenter Server version 6.0u2 (6.0.0 build-3634788)
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true