CVE-2014-3796: Input Validation
First published: Mon Sep 15 2014(Updated: )
VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) 5.1 before 5.1.4.2 and 5.5 before 5.5.3, does not properly validate input, which allows attackers to obtain sensitive information via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| VMware NSX | =6.0 | |
| VMware NSX | =6.0.1 | |
| VMware NSX | =6.0.2 | |
| VMware NSX | =6.0.3 | |
| VMware NSX | =6.0.4 | |
| VMware NSX | =6.0.5 | |
| Vmware Vcloud Networking And Security | =5.1 | |
| Vmware Vcloud Networking And Security | =5.1.1 | |
| Vmware Vcloud Networking And Security | =5.1.2 | |
| Vmware Vcloud Networking And Security | =5.1.3 | |
| Vmware Vcloud Networking And Security | =5.1.4 | |
| Vmware Vcloud Networking And Security | =5.1.4.1 | |
| Vmware Vcloud Networking And Security | =5.5 | |
| Vmware Vcloud Networking And Security | =5.5.0a | |
| Vmware Vcloud Networking And Security | =5.5.1 | |
| Vmware Vcloud Networking And Security | =5.5.2 | |
| Vmware Vcloud Networking And Security | =5.5.2.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-3796?
CVE-2014-3796 is rated as a medium severity vulnerability.
How do I fix CVE-2014-3796?
To fix CVE-2014-3796, upgrade to VMware NSX version 6.0.6 or later, or vCloud Networking and Security versions 5.1.4.2 or 5.5.3 or later.
What types of products are affected by CVE-2014-3796?
CVE-2014-3796 affects VMware NSX 6.0 through 6.0.5 and vCloud Networking and Security versions 5.1 through 5.5.2.1.
What is the impact of exploiting CVE-2014-3796?
Exploiting CVE-2014-3796 may allow attackers to obtain sensitive information.
Is there a workaround for CVE-2014-3796?
There are no known workarounds for CVE-2014-3796, so it is recommended to apply the updates.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/remedy
- agent/last-modified-date
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/vmware
- canonical/vmware nsx
- version/vmware nsx/6.0
- version/vmware nsx/6.0.1
- version/vmware nsx/6.0.2
- version/vmware nsx/6.0.3
- version/vmware nsx/6.0.4
- version/vmware nsx/6.0.5
- canonical/vmware vcloud networking and security
- version/vmware vcloud networking and security/5.1
- version/vmware vcloud networking and security/5.1.1
- version/vmware vcloud networking and security/5.1.2
- version/vmware vcloud networking and security/5.1.3
- version/vmware vcloud networking and security/5.1.4
- version/vmware vcloud networking and security/5.1.4.1
- version/vmware vcloud networking and security/5.5
- version/vmware vcloud networking and security/5.5.0a
- version/vmware vcloud networking and security/5.5.1
- version/vmware vcloud networking and security/5.5.2
- version/vmware vcloud networking and security/5.5.2.1