CVE-2008-4278

CVSS 2.1 - LOW
Description

VMware VirtualCenter 2.5 before Update 3 build 119838 on Windows displays a user's password in cleartext when the password contains unspecified special characters, which allows physically proximate attackers to steal the password.

Affected Products
12
Vendor Product Version
vmware virtual_infrastructure_client All versions
vmware virtualcenter All versions
vmware virtualcenter 1.4.1
vmware virtualcenter 2.0
vmware virtualcenter 2.0.1
vmware virtualcenter 2.0.2
vmware virtualcenter 2.0.2
vmware virtualcenter 2.0.2
vmware virtualcenter 2.0.2
vmware virtualcenter 2.5
vmware virtualcenter 2.5
microsoft windows All versions
References
http://marc.info/?l=bugtraq&m=122331139823057&w=2
http://secunia.com/advisories/32179
http://secunia.com/advisories/32180
http://www.securityfocus.com/archive/1/497041/100/...
http://www.securityfocus.com/bid/31569
http://www.securitytracker.com/id?1020992
http://www.vmware.com/security/advisories/VMSA-200...
http://www.vupen.com/english/advisories/2008/2740
https://exchange.xforce.ibmcloud.com/vulnerabiliti...
http://marc.info/?l=bugtraq&m=122331139823057&w=2
http://secunia.com/advisories/32179
http://secunia.com/advisories/32180
http://www.securityfocus.com/archive/1/497041/100/...
http://www.securityfocus.com/bid/31569
http://www.securitytracker.com/id?1020992
http://www.vmware.com/security/advisories/VMSA-200...
http://www.vupen.com/english/advisories/2008/2740
https://exchange.xforce.ibmcloud.com/vulnerabiliti...
Weakness Types
CWE-200
CVE Information
CVE ID:
CVE-2008-4278
Published:
2008-10-06
Modified:
2026-04-23
CVSS Score:
2.1
Severity:
LOW
Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
Affected Vendors
microsoft vmware
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL