CVE Database · CVE-2009-0518
CVSS v3.1
N/A
EPSS
0.33%
Published
Apr 6, 2009
Modified
Apr 22, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
VI Client in VMware VirtualCenter before 2.5 Update 4, VMware ESXi 3.5 before Update 4, and VMware ESX 3.5 before Update 4 retains the VirtualCenter Server password in process memory, which might allow local users to obtain this password.
Weaknesses (CWE)
Affected Products (8)
References (14)
