Unrated severityNVD Advisory· Published Aug 13, 2008· Updated Jun 16, 2026
CVE-2008-3514
CVE-2008-3514
Description
VMware VirtualCenter 2.5 before Update 2 and 2.0.2 before Update 5 relies on client-side "enabled/disabled functionality" for access control, which allows remote attackers to determine valid user names by enabling functionality in the GUI and then making an "attempt to assign permissions to other system users."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:vmware:virtualcenter:2.0.2:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:vmware:virtualcenter:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:virtualcenter:2.0.2:update_2:*:*:*:*:*:*
- cpe:2.3:a:vmware:virtualcenter:2.0.2:update_3:*:*:*:*:*:*
- cpe:2.3:a:vmware:virtualcenter:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:virtualcenter:2.5:update_1:*:*:*:*:*:*
- cpe:2.3:a:vmware:virtualcenter:*:update_4:*:*:*:*:*:*range: <=2.0.2
- (no CPE)range: <2.5 Update 2, <2.0.2 Update 5
Patches
Vulnerability mechanics
References
10- www.vmware.com/security/advisories/VMSA-2008-0012.htmlnvdPatchVendor Advisory
- secunia.com/advisories/31468nvdVendor Advisory
- www.vupen.com/english/advisories/2008/2363nvdVendor Advisory
- securityreason.com/securityalert/4150nvd
- www.insomniasec.com/advisories/ISVA-080812.1.htmnvd
- www.securityfocus.com/archive/1/495386/100/0/threadednvd
- www.securityfocus.com/bid/30664nvd
- www.securitytracker.com/idnvd
- www.vmware.com/support/vi3/doc/releasenotes_vc202u5.htmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/44425nvd
News mentions
0No linked articles in our index yet.