Vulnerability in Vmware Esx

CVE-2011-1789

The self-extracting installer in the vSphere Client Installer package in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, VMware ESXi 4.x before 4.1 Update 1, and VMware ESX 4.x before 4.1 Update 1 does not have a digital signat…

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.004 (58.6th percentile) — read the EPSS interpretation.

Affected products

Vmware Esx — versions 4.0, 4.1
Vmware Esxi — versions 4.0, 4.1
Vmware Vcenter — versions 4.0, 4.1
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

References

[security-announce] 20110505 VMSA-2011-0008 VMware vCenter Server and vSphere Client security vulnerabilities (mailing-list, x_refsource_MLIST, Patch)
1025502 (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)