Unrated severityNVD Advisory· Published Apr 1, 2010· Updated Apr 29, 2026

CVE-2010-0686

Description

WebAccess in VMware VirtualCenter 2.0.2 and 2.5, VMware Server 2.0, and VMware ESX 3.0.3 and 3.5 allows remote attackers to leverage proxy-server functionality to spoof the origin of requests via unspecified vectors, related to a "URL forwarding vulnerability."

Affected products

VMware/Esx Server2 versions
cpe:2.3:a:vmware:esx_server:3.0.3:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:vmware:esx_server:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:esx_server:3.5:*:*:*:*:*:*:*
VMware/Server
cpe:2.3:a:vmware:server:2.0.0:*:*:*:*:*:*:*
VMware/Virtualcenter2 versions
cpe:2.3:a:vmware:virtualcenter:2.0.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:vmware:virtualcenter:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:virtualcenter:2.5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.vmware.com/pipermail/security-announce/2010/000086.htmlnvdPatchVendor Advisory
www.securityfocus.com/bid/39037nvdPatch
www.vmware.com/security/advisories/VMSA-2010-0005.htmlnvdPatchVendor Advisory
www.securitytracker.com/idnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000