CVE-2017-4923

critical VMware
CVSS v3 Base Score
9.8
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.8%
Exploitation probability in 30 days
Top 26% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Confidentiality
High
Integrity
High
Availability
High
Published: August 1, 2017 (3208 days ago)
Last Modified: May 13, 2026
Vendor: VMware
Source: NVD

Description

VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure vulnerability. This issue may allow plaintext credentials to be obtained when using the vCenter Server Appliance file-based backup feature.

CWE

CWE-200

Affected Products

vmware vcenter server

References

🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 www.vmware.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com