VMWare vCenter vulnerability help

I had a vulnerability scan done recently and I'm having trouble finding any information on 1 of the items. My setup is ESXi 5.1 with vCenter Server running on Win2008 R2 SP1.

Web Server Internal IP address or network name available
CVE: CVE-2000-0649 CVE-2002-0419
Location: http://localhost:9090/vsphere-client
Impact: An attacker could determine information about your internal network structure from information in http headers.


Seems like there is some sort of HTTP header leak of some kind. I was flagged for a few other vCenter items on port 9090 but I was able to find a VMware KB article which states that "there is no potential to obtain sensitive data from this exploit". I realize that ports 9090 and 9443 are needed for the Web Client. Anyone have any info on this? Thanks a lot.
Asked: cb_it

asavener commented:
Connecting to the server on 9090 should just redirect you to the SSL-protected site (on port 9443).

If you were actually administering the server over 9090, then a bad guy could sniff your username and password.

Since it's just a redirection, no sensitive information is exposed.

Andrew Hancock (VMware vExpert / EE MVE^2), VMware and Virtualization Consultant, commented:
As it's a vCenter application, or possibly the Apache web engine, are you running the latest vCenter Server for 5.1?

If you are, you would need to discuss this security issue with VMware Support for guidance, if they believe it is a security threat, and it could be a false positive provided by the scanner.
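
A way to check a finding like this by hand, as an added example that is not part of the original thread: the function below scans the headers of a captured HTTP response (such as the redirect from port 9090 discussed above) for private IPv4 addresses and single-label host names. The sample responses and all function names are constructed for illustration and are not actual vCenter output.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Dotted-quad candidates; validity is checked with the ipaddress module below.
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")
# Headers whose value is a URL, so a host name can be extracted from them.
URL_HEADERS = {"location", "content-location"}

def parse_headers(raw):
    """Return (name, value) pairs from a raw HTTP response, skipping the status line."""
    head = raw.split("\r\n\r\n", 1)[0]
    pairs = []
    for line in head.split("\r\n")[1:]:
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip(), value.strip()))
    return pairs

def internal_disclosures(raw):
    """List (header, value) pairs that expose an internal address or name."""
    findings = []
    for name, value in parse_headers(raw):
        for candidate in IPV4_RE.findall(value):
            try:
                ip = ipaddress.ip_address(candidate)
            except ValueError:  # e.g. an octet above 255
                continue
            if ip.is_private:  # RFC 1918, loopback, link-local and similar ranges
                findings.append((name, candidate))
        if name.lower() in URL_HEADERS:
            host = urlsplit(value).hostname  # None for a relative redirect
            # A host name without a dot is a short internal (NetBIOS-style) name.
            if host and "." not in host:
                findings.append((name, host))
    return findings

# Constructed sample responses, not captured from a real server.
LEAKY = ("HTTP/1.1 302 Found\r\n"
         "Location: https://10.20.30.40:9443/vsphere-client/\r\n"
         "Content-Length: 0\r\n\r\n")
NAME_LEAK = ("HTTP/1.1 302 Found\r\n"
             "Location: https://VCENTER01:9443/vsphere-client/\r\n\r\n")
CLEAN = ("HTTP/1.1 302 Found\r\n"
         "Location: https://vcenter.example.com:9443/vsphere-client/\r\n\r\n")

if __name__ == "__main__":
    for label, raw in (("leaky", LEAKY), ("name leak", NAME_LEAK), ("clean", CLEAN)):
        print(label, internal_disclosures(raw))
```

If the redirect points at a fully qualified public name, the function returns an empty list, which supports treating the scanner item as a false positive.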