CVE-2010-0686

WebAccess in VMware VirtualCenter 2.0.2 and 2.5, VMware Server 2.0, and VMware ESX 3.0.3 and 3.5 allows remote attackers to leverage proxy-server functionality to spoof the origin of requests via unspecified vectors, related to a "URL forwarding vulnerability."

Published: Apr 1, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-0686
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
vmware / virtualcenter	2.0.2	2.0.2.x
vmware / virtualcenter	2.5	2.5.x
vmware / server	2.0.0	2.0.0.x
vmware / esx_server	3.0.3	3.0.3.x
vmware / esx_server	3.5	3.5.x

http://lists.vmware.com/pipermail/security-announce/2010/000086.html
http://www.securityfocus.com/bid/39037
http://www.securitytracker.com/id?1023769
http://www.vmware.com/security/advisories/VMSA-2010-0005.html

Vulnerability Database

289,599

CVE-2010-0686