CVE-2013-1659

VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream.
Severity
UNKNOWN
AV:N/AC:H/Au:N/C:C/I:C/A:C
Atk. Vector
NETWORK
Atk. Complexity
HIGH
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
VendorProductVersion
vmwarevcenter_server
4.0
vmwarevcenter_server
4.0
vmwarevcenter_server
4.0
vmwarevcenter_server
4.0
vmwarevcenter_server
4.0
vmwarevcenter_server
4.0
vmwarevcenter_server_appliance
5.1
vmwarevcenter_server_appliance
5.1.0a
vmwarevcenter_server
5.0
vmwarevcenter_server
5.0
vmwareesxi
3.5
vmwareesxi
3.5
vmwareesxi
4.0
vmwareesxi
4.0
vmwareesxi
4.0
vmwareesxi
4.0
vmwareesxi
4.0
vmwareesxi
4.1
vmwareesxi
4.1
vmwareesxi
4.1
vmwareesxi
5.0
vmwareesxi
5.0
vmwareesxi
5.0
vmwareesxi
5.1
vmwareesxi
3.5
vmwareesxi
3.5
vmwareesxi
4.0
vmwareesxi
4.0
vmwareesxi
4.0
vmwareesxi
4.0
vmwareesxi
4.0
vmwareesxi
4.1
𝑥
= Vulnerable software versions