Vulnerability Details : CVE-2012-5703
The vSphere API in VMware ESXi 4.1 and ESX 4.1 allows remote attackers to cause a denial of service (host daemon crash) via an invalid value in a (1) RetrieveProp or (2) RetrievePropEx SOAP request.
Vulnerability category: Input validationDenial of service
Products affected by CVE-2012-5703
- cpe:2.3:o:vmware:esxi:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:vmware:esx:4.1:*:*:*:*:*:*:*
Threat overview for CVE-2012-5703
Top countries where our scanners detected CVE-2012-5703
Top open port discovered on systems with this issue
443
IPs affected by CVE-2012-5703 29
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2012-5703!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2012-5703
4.81%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-5703
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2012-5703
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-5703
-
http://www.coresecurity.com/content/vmware-esx-input-validation-error
VMware vSphere Hypervisor Vulnerability | Core Security
-
http://www.vmware.com/security/advisories/VMSA-2012-0016.html
VMSA-2012-0016Vendor Advisory
-
http://www.securityfocus.com/bid/56571
VMware ESXi and ESX vSphere API Remote Denial of Service Vulnerability
-
http://www.securitytracker.com/id?1027782
VMware ESX/ESXi vSphere API Bug Lets Remote Users Deny Service - SecurityTracker
Jump to