CVE-2011-1789

medium

VMware

CVSS v3 Base Score

5.0

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS Score

0.4%

Exploitation probability in 30 days

Top 42% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

None

Integrity

Availability

None

Published: May 9, 2011 (5484 days ago)

Last Modified: April 29, 2026

Vendor: VMware

Source: NVD

Description

The self-extracting installer in the vSphere Client Installer package in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, VMware ESXi 4.x before 4.1 Update 1, and VMware ESX 4.x before 4.1 Update 1 does not have a digital signature, which might make it easier for remote attackers to spoof the software distribution via a Trojan horse installer.

CWE

CWE-310

Affected Products

vmware esxvmware esxivmware vcenter

References

🔗 lists.vmware.com 🔗 securitytracker.com 🔗 www.vmware.com 🔗 lists.vmware.com 🔗 securitytracker.com

CVE-2011-1789

Vulnerability Report

Description

CWE

Affected Products

References