The VMware Remote Console (VMRC) function in VMware vCloud Automation Center (vCAC) 6.0.1 through 6.1.1 allows remote authenticated users to gain privileges via vectors involving the Connect (by) Using VMRC function.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Vcloud_automation_center | Vmware | 6.0.1 (including) | 6.0.1 (including) |
| Vcloud_automation_center | Vmware | 6.0.1.1 (including) | 6.0.1.1 (including) |
| Vcloud_automation_center | Vmware | 6.0.1.2 (including) | 6.0.1.2 (including) |
| Vcloud_automation_center | Vmware | 6.1 (including) | 6.1 (including) |
| Vcloud_automation_center | Vmware | 6.1.1 (including) | 6.1.1 (including) |
References
- http://packetstormsecurity.com/files/129455/VMware-Security-Advisory-2014-0013.html
- http://seclists.org/fulldisclosure/2014/Dec/33
- http://secunia.com/advisories/61169
- http://www.securityfocus.com/archive/1/534186/100/0/threaded
- http://www.securitytracker.com/id/1031323
- http://www.vmware.com/security/advisories/VMSA-2014-0013.html
- http://packetstormsecurity.com/files/129455/VMware-Security-Advisory-2014-0013.html
- http://seclists.org/fulldisclosure/2014/Dec/33
- http://secunia.com/advisories/61169
- http://www.securityfocus.com/archive/1/534186/100/0/threaded
- http://www.securitytracker.com/id/1031323
- http://www.vmware.com/security/advisories/VMSA-2014-0013.html