Improper input validation in Vmware Esx

CVE-2013-5970

hostd-vmdb in VMware ESXi 4.0 through 5.0 and ESX 4.0 through 4.1 allows remote attackers to cause a denial of service (hostd-vmdb service outage) by modifying management traffic.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.008 (73.9th percentile) — read the EPSS interpretation.

Affected products

Vmware Esx — versions 4.0, 4.1
Vmware Esxi — versions 4.0, 4.1, 5.0
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

vmware-esxi-cve20135970-dos(88135) (vdb-entry, x_refsource_XF)
63216 (vdb-entry, x_refsource_BID)
1029206 (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
98719 (x_refsource_OSVDB, vdb-entry)