CVE-2013-1659

high VMware
CVSS v3 Base Score
7.6
AV:N/AC:H/Au:N/C:C/I:C/A:C
EPSS Score
0.9%
Exploitation probability in 30 days
Top 25% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
High
Confidentiality
C
Integrity
C
Availability
C
Published: February 22, 2013 (4829 days ago)
Last Modified: April 29, 2026
Vendor: VMware
Source: NVD

Description

VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream.

CWE

NVD-CWE-Other

Affected Products

vmware vcenter servervmware vcenter server appliancevmware esxi

References

🔗 www.vmware.com 🔗 www.vmware.com