VYPR
Unrated severityNVD Advisory· Published Dec 8, 2014· Updated Jun 17, 2026

CVE-2014-8371

CVE-2014-8371

Description

VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before Update 3, and 5.0 before Update 3c does not properly validate certificates when connecting to a CIM Server on an ESXi host, which allows man-in-the-middle attackers to spoof CIM servers via a crafted certificate.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10
  • cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*
    • cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*
    • cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_3:*:*:*:*:*:*
    • cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_3a:*:*:*:*:*:*
    • cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*
    • cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*
    • cpe:2.3:a:vmware:vcenter_server_appliance:5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*
    • (no CPE)range: 5.5 before Update 2, 5.1 before Update 3, 5.0 before Update 3c

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.