CVE-2013-1659
Last modified
CVE-2013-1659 is a vulnerability of currently unknown severity. VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream.. EPSS estimates a 1.82% chance of exploitation in the next 30 days.
Description
VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Vcenter Server | 4.0 |
| Vmware | Vcenter Server Appliance | 5.1 |
| Vmware | Vcenter Server Appliance | 5.1.0a |
| Vmware | Vcenter Server | 5.0 |
| Vmware | Esxi | 3.5 |
| Vmware | Esxi | 4.0 |
| Vmware | Esxi | 4.1 |
| Vmware | Esxi | 5.0 |
| Vmware | Esxi | 5.1 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-1659?
How severe is CVE-2013-1659?
How do I fix CVE-2013-1659?
Are you affected by CVE-2013-1659?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST