Improper input validation in Vmware Vcenter_server

CVE-2015-1047

vpxd in VMware vCenter Server 5.0 before u3e, 5.1 before u3, and 5.5 before u2 allows remote attackers to cause a denial of service via a long heartbeat message.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.029 (86.7th percentile) — read the EPSS interpretation.

Affected products

Vmware Vcenter_server — versions 5.0, 5.1, 5.5
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

76932 (vdb-entry, x_refsource_BID)
1033720 (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)