CVE-2010-2928
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2010-2928
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The vCenter Tomcat Management Application in VMware vCenter Server 4.1 before Update 1 stores log-on credentials in a configuration file, which allows local users to gain privileges by reading this file.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
VMware vCenter Server vCenter Tomcat Management Application权限提升漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
VMware vCenter Server是美国威睿(VMware)公司的一套服务器和虚拟化管理软件。该软件提供了一个用于管理VMware vSphere环境的集中式平台,可自动实施和交付虚拟基础架构。 VMware vCenter Server 4.1 Update 1之前版本中的vCenter Tomcat Management Application在配置文件中存储了登录证书。本地用户可以通过读取该文件获取特权。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2010-2928
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2010-2928
请登录查看更多情报信息。
Vendor Advisories for CVE-2010-2928 (5)
- http://www.vmware.com/security/advisories/VMSA-2011-0003.htmlx_refsource_CONFIRM
- http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.htmlx_refsource_CONFIRM
Other References for CVE-2010-2928 (1)
Same Patch Batch · n/a · 2011-02-16 · 10 CVEs total
| CVE-2010-4734 | Amix Skeletonz CMS comment功能多个跨站脚本攻击漏洞 | |
| CVE-2010-4735 | Ecommercemax Solutions Digital-goods seller shoppingcart.asp SQL注入漏洞 | |
| CVE-2010-4736 | GateSoft Docusafe ECO.asp SQL注入漏洞 | |
| CVE-2010-4737 | HotWebScripts HotWeb Rentals resorts.asp SQL注入漏洞 | |
| CVE-2010-4738 | Rae Media INC Real Estate Single和Multi Agent System多个SQL注入漏洞 | |
| CVE-2010-4739 | Aretimes Maian Media Silver组件SQL注入漏洞 | |
| CVE-2010-4740 | SCADA Engine BACnet OPC客户端WTclient.dll栈缓冲区溢出漏洞 | |
| CVE-2011-1034 | IBM Rational Build Forge UI跨站脚本攻击漏洞 | |
| CVE-2011-0654 | Microsoft Active Directory 'BROWSER ELECTION'缓冲区溢出漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2010-2928
No comments yet