CVE-2014-1210
VMware vSphere Client 5.0-5.1 - Certificate Validation Bypass
Title source: llmDescription
VMware vSphere Client 5.0 before Update 3 and 5.1 before Update 2 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2014-0003.html
Scores
EPSS
0.0018
EPSS Percentile
39.2%
Details
CWE
CWE-310
Status
published
Products (2)
vmware/vsphere_client
5.0
vmware/vsphere_client
5.1
Published
Apr 11, 2014
Tracked Since
Feb 18, 2026