CVE-2019-5537
N/A
N/A
Summary
Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance (6.7 before 6.7u3a and 6.5 before 6.5u3d) may allow a malicious actor to intercept sensitive data in transit over FTPS and HTTPS. A malicious actor with man-in-the-middle positioning between vCenter Server Appliance and a backup target may be able to intercept sensitive data in transit during File-Based Backup and Restore operations.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | VMware vCenter Server Appliance | VMware vCenter Server Appliance (6.7 before 6.7u3a and 6.5 before 6.5u3d) | affected |
Weaknesses
- Information Disclosure Vulnerability
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.