VMware vCenter Server 5.5.x < 5.5u3e / 6.0.x < 6.0u2a Multiple XXE Vulnerabilities (VMSA-2016-0022)

critical Nessus Plugin ID 95468

Synopsis

A virtualization management application installed on the remote host is affected by multiple XML external entity (XXE) vulnerabilities.

Description

The version of VMware vCenter Server installed on the remote host is 5.5.x prior to 5.5u3e or 6.0.x prior to 6.0u2a. It is, therefore, affected by multiple XML external entity (XXE) vulnerabilities :

- Multiple XML external entity (XXE) vulnerabilities exist in the Log Browser, the Distributed Switch setup, and the Content Library due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. An authenticated, remote attacker can exploit this, via specially crafted XML data, to disclose the contents of arbitrary files. (CVE-2016-7459)

- An XML external entity (XXE) vulnerability exists in the Single Sign-On functionality due to an incorrectly configured XML parser accepting XML external entities from an untrusted source. An unauthenticated, remote attacker can exploit this, via specially crafted XML data, to disclose the contents of arbitrary files or cause a denial of service condition. (CVE-2016-7460)

Solution

Upgrade to VMware vCenter Server version 5.5.u3e (5.5.0 build-4180646) / 6.0u2a (6.0.0 build-4541947) or later.

See Also

https://www.vmware.com/security/advisories/VMSA-2016-0022.html

Plugin Details

Severity: Critical

ID: 95468

File Name: vmware_vcenter_vmsa-2016-0022.nasl

Version: 1.8

Type: remote

Family: Misc.

Published: 12/2/2016

Updated: 11/13/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P

CVSS Score Source: CVE-2016-7460

CVSS v3

Risk Factor: Critical

Base Score: 9.1

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:vmware:vcenter_server

Required KB Items: Host/VMware/vCenter, Host/VMware/version, Host/VMware/release

Exploit Ease: No known exploits are available

Patch Publication Date: 11/22/2016

Vulnerability Publication Date: 11/22/2016

Reference Information

CVE: CVE-2016-7459, CVE-2016-7460

BID: 94485, 94486

VMSA: 2016-0022