Unrated severityNVD Advisory· Published Sep 18, 2015· Updated May 6, 2026

CVE-2015-6932

Description

VMware vCenter Server 5.5 before u3 and 6.0 before u1 does not verify X.509 certificates from TLS LDAP servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

Affected products

VMware/Vcenter Server12 versions
cpe:2.3:a:vmware:vcenter_server:5.5:-:*:*:*:*:*:*+ 11 more
- cpe:2.3:a:vmware:vcenter_server:5.5:-:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server:5.5:1:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server:5.5:1a:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server:5.5:1b:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server:5.5:1c:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server:5.5:2:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server:5.5:2b:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server:5.5:2d:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server:5.5:2e:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server:6.0:-:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server:6.0:a:*:*:*:*:*:*
- cpe:2.3:a:vmware:vcenter_server:6.0:b:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securitytracker.com/id/1033582nvdThird Party AdvisoryVDB Entry
www.vmware.com/security/advisories/VMSA-2015-0006.htmlnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000