Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2011-1789

The self-extracting installer in the vSphere Client Installer package in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, VMware ESXi 4.x before 4.1 Update 1, and VMware ESX 4.x before 4.1 Update 1 does not have a digital signature, which might make it easier for remote attackers to spoof the software distribution via a Trojan horse installer.

  • Published: May 10, 2011
  • Updated: Apr 13, 2023
  • CVE: CVE-2011-1789
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

Software From Fixed in
vmware / vcenter 4.0-update_1 4.0-update_1.x
vmware / vcenter 4.1 4.1.x
vmware / vcenter 4.0 4.0.x
vmware / vcenter 4.0-update_2 4.0-update_2.x
vmware / esxi 4.1 4.1.x
vmware / esxi 4.0 4.0.x
vmware / esx 4.1 4.1.x
vmware / esx 4.0 4.0.x