Vulnerability in Vmware Vcenter_server_appliance
CVE-2013-3107
VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass authentication by providing a valid username in conjunction with an empty password.
EPSS: 0.001 (29.8th percentile) — read the EPSS interpretation.
Affected products
- Vmware Vcenter_server_appliance — versions 5.0
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)