Unrated severityNVD Advisory· Published Jun 17, 2013· Updated Apr 29, 2026

CVE-2013-3520

Description

VMware vCenter Chargeback Manager (aka CBM) before 2.5.1 does not proper handle uploads, which allows remote attackers to execute arbitrary code via unspecified vectors.

Affected products

VMware/Vcenter Chargeback Manager7 versions
cpe:2.3:a:vmware:vcenter_chargeback_manager:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:vmware:vcenter_chargeback_manager:*:*:*:*:*:*:*:*range: <=2.5.0
- cpe:2.3:a:vmware:vcenter_chargeback_manager:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_chargeback_manager:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_chargeback_manager:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_chargeback_manager:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_chargeback_manager:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_chargeback_manager:2.0.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.vmware.com/security/advisories/VMSA-2013-0008.htmlnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.066
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000