Authentication Bypass Vulnerability in VMware Xenon

Authentication Bypass Vulnerability in VMware Xenon

CVE-2017-4952 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

VMware Xenon 1.x, prior to 1.5.4-CR7_1, 1.5.7_7, 1.5.4-CR6_2, 1.3.7-CR1_2, 1.1.0-CR0-3, 1.1.0-CR3_1,1.4.2-CR4_1, and 1.5.4_8, contains an authentication bypass vulnerability due to insufficient access controls for utility endpoints. Successful exploitation of this issue may result in information disclosure.

Learn more about our Web Application Penetration Testing UK.