Path Traversal in Vmware Esx

CVE-2013-3658

Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecified vectors.

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.006 (70.3th percentile) — read the EPSS interpretation.

Affected products

Vmware Esx — versions 4.0, 4.1
Vmware Esxi — versions 4.0, 4.1, 5.0
N/a — versions n/a

Weakness classification (CWE)

CWE-22 — Path Traversal

References

JVNDB-2013-000084 (x_refsource_JVNDB, third-party-advisory)
vultures@jpcert.or.jp (x_refsource_CONFIRM)
JVN#72911629 (x_refsource_JVN, third-party-advisory)