Solved

VMWare vCenter vulnerability help

Posted on 2014-01-30
2
640 Views
Last Modified: 2014-02-05
I had a vulnerability scan done recently and I'm having trouble finding any information on 1 of the items. My setup is ESXi 5.1 with vCenter Server running on Win2008 R2 SP1.

Web Server Internal IP address or network name available
CVE: CVE-2000-0649 CVE-2002-0419
Location: http://localhost:9090/vsphere-client
Impact: An attacker could determine information about your internal network structure from information in http headers.


Seems like there is some sort of http hearer leak of some kind. I was flagged for a few other vCenter items on port 9090 but I was able to find a VMware KB article which states that "there is no potential to obtain sensitive data from this exploit". I realize that port 9090 and 9443 is needed for the Web Client. Anyone have any info on this?? Thanks a lot.
0
Comment
Question by:cb_it
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 28

Accepted Solution

by:
asavener earned 500 total points
ID: 39821749
Connecting to the server on 9090 should just redirect you to the SSL-protected site (on port 9443).

If you were actually administering the server over 9090, then a bad guy could sniff your username and password.

Since it's just a redirection, no sensitive information is exposed.
0
 
LVL 120
ID: 39821930
AS it's a vCenter Application, or possibly Apache Web Engine, are you running the latest vCenter Server for 5.1.

if you are, you would need to discuss this security issues with VMware Support for Guidance, if they believe it is a security threat, and could be a false postiive provided by the scanner,
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If we need to check who deleted a Virtual Machine from our vCenter. Looking this task in logs can be painful and spend lot of time, so the best way to check this is in the vCenter DB. Just connect to vCenter DB(default DB should be VCDB and using…
When rebooting a vCenters 6.0 and try to connect using vSphere Client we get this issue "Invalid URL: The hostname could not parsed." When we get this error we need to do some changes in the vCenter advanced settings to fix the issue.
Teach the user how to delpoy the vCenter Server Appliance and how to configure its network settings Deploy OVF: Open VM console and configure networking:
Teach the user how to use configure the vCenter Server storage filters Open vSphere Web Client:  Navigate to vCenter Server Advanced Settings: Add the four vCenter Server storage filters: Review the advanced settings: Modify the values of the four v…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question