CVE-2014-3796

VMware NSX and vCloud Networking and Security - Information Disclosure via Improper Input Validation

Title source: llm
STIX 2.1

Description

VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) 5.1 before 5.1.4.2 and 5.5 before 5.5.3, does not properly validate input, which allows attackers to obtain sensitive information via unspecified vectors.

References (4)

Core 4
Core References
Patch, Vendor Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2014-0009.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1030835
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/59938
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95926

Scores

EPSS 0.0049
EPSS Percentile 65.6%

Details

CWE
CWE-20
Status published
Products (17)
vmware/nsx 6.0
vmware/nsx 6.0.1
vmware/nsx 6.0.2
vmware/nsx 6.0.3
vmware/nsx 6.0.4
vmware/nsx 6.0.5
vmware/vcloud_networking_and_security 5.1
vmware/vcloud_networking_and_security 5.1.1
vmware/vcloud_networking_and_security 5.1.2
vmware/vcloud_networking_and_security 5.1.3
... and 7 more
Published Sep 15, 2014
Tracked Since Feb 18, 2026