CVE-2013-1661

VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service (unhandled exception and application crash) by modifying the client-server data stream.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
VendorProductVersion
vmwareesx
4.0
vmwareesx
4.1
vmwareesxi
4.0
vmwareesxi
4.0:1
vmwareesxi
4.0:2
vmwareesxi
4.0:3
vmwareesxi
4.0:4
vmwareesxi
4.1
vmwareesxi
4.1:1
vmwareesxi
4.1:2
vmwareesxi
5.0
vmwareesxi
5.0:1
vmwareesxi
5.0:2
vmwareesxi
5.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.vmware.com/security/advisories/VMSA-2013-0011.html
http://www.vmware.com/security/advisories/VMSA-2013-0011.html