Authentication Bypass Vulnerability in VMware ESXi 4.1 Update Installer

Authentication Bypass Vulnerability in VMware ESXi 4.1 Update Installer

CVE-2010-4573 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is present, does not properly configure the SFCB authentication mode, which allows remote attackers to obtain access via an arbitrary username and password.

Learn more about our Cis Benchmark Audit For Vmware.