Unrated severityNVD Advisory· Published Feb 15, 2013· Updated Apr 29, 2026
CVE-2013-1405
CVE-2013-1405
Description
VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do not properly implement the management authentication protocol, which allow remote servers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Affected products
20cpe:2.3:a:vmware:vcenter_server:4.0:update_4:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:vmware:vcenter_server:4.0:update_4:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server:4.1:update_3:*:*:*:*:*:*
- cpe:2.3:a:vmware:virtualcenter:2.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vsphere_client:4.0:update_4:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:vmware:vsphere_client:4.0:update_4:*:*:*:*:*:*
- cpe:2.3:a:vmware:vsphere_client:4.1:update_3:*:*:*:*:*:*
cpe:2.3:o:vmware:esxi:3.5:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:o:vmware:esxi:3.5:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:3.5:1:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.0:1:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.0:2:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.0:3:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.0:4:*:*:*:*:*:*
- cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*
cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:vmware:esx:3.5:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:3.5:update1:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:3.5:update2:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:3.5:update3:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.vmware.com/security/advisories/VMSA-2013-0001.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.