{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T17:21:05.270","vulnerabilities":[{"cve":{"id":"CVE-2019-5537","sourceIdentifier":"security@vmware.com","published":"2019-10-28T16:15:14.887","lastModified":"2024-11-21T04:45:09.117","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance (6.7 before 6.7u3a and 6.5 before 6.5u3d) may allow a malicious actor to intercept sensitive data in transit over FTPS and HTTPS. A malicious actor with man-in-the-middle positioning between vCenter Server Appliance and a backup target may be able to intercept sensitive data in transit during File-Based Backup and Restore operations."},{"lang":"es","value":"Una vulnerabilidad de divulgación de información confidencial resultando de la falta de comprobación del certificado durante las operaciones de Copia de Seguridad y Restauración Basadas en Archivos de VMware vCenter Server Appliance (versiones 6.7 anteriores a 6.7u3a y versiones 6.5 anteriores a 6.5u3d), puede permitir a un actor malicioso interceptar datos confidenciales en tránsito por medio de FTPS y HTTPS. Un actor malicioso con un posicionamiento de tipo man-in-the-middle entre vCenter Server Appliance y una copia de seguridad objetivo, puede interceptar datos confidenciales en tránsito durante las operaciones de Copia de Seguridad y Restauración Basadas en Archivos."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*","matchCriteriaId":"23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*","matchCriteriaId":"CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*","matchCriteriaId":"1DD16169-A7DF-4604-888C-156A60018E32"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*","matchCriteriaId":"46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*","matchCriteriaId":"D26534EB-327B-4ED6-A3E1-005552CB1F9D"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*","matchCriteriaId":"786CDD50-7E18-4437-8DB9-2D0ADECD436E"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*","matchCriteriaId":"B2CE8DAE-0E78-4004-983D-1ECD8855EC33"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*","matchCriteriaId":"7E51F433-1152-4E94-AF77-970230B1A574"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:update1b:*:*:*:*:*:*","matchCriteriaId":"0064D104-E0D8-481A-9029-D3726A1A9CF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:update1c:*:*:*:*:*:*","matchCriteriaId":"9B4D3F61-6CD9-411F-A205-EB06A57EBB4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*","matchCriteriaId":"F72A1E9C-F960-4E8C-A46C-B38209E6349E"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*","matchCriteriaId":"2C33CE46-F529-4EA9-9344-6ED3BFA7019D"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*","matchCriteriaId":"9F1D8161-0E02-45C9-BF61-14799AB65E03"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*","matchCriteriaId":"1F2CB1FF-6118-4875-945D-07BAA3A21FFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*","matchCriteriaId":"1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*","matchCriteriaId":"BDDC6510-3116-4578-80C8-8EF044A8370A"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*","matchCriteriaId":"8678DB48-CB98-4E4C-ADE6-CABA73265FEC"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*","matchCriteriaId":"DBD9A341-1FBF-4E04-848B-550DEB27261A"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*","matchCriteriaId":"4955663C-1BB6-4F3E-9D4B-362DF144B7F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*","matchCriteriaId":"E456F84C-A86E-4EA9-9A3E-BEEA662136E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*","matchCriteriaId":"5241C282-A02B-44B2-B6CA-BA3A99F9737C"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*","matchCriteriaId":"04A60AC7-C2EA-4DBF-9743-54D708584AFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*","matchCriteriaId":"8A91B0C4-F184-459E-AFD3-DE0E351CC964"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*","matchCriteriaId":"23253631-2655-48A8-9B00-CB984232329C"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*","matchCriteriaId":"50C2A9A8-0E66-4702-BCD4-74622108E7A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*","matchCriteriaId":"EE4D3E2A-C32D-408F-B811-EF8BC86F0D34"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*","matchCriteriaId":"31CA7802-D78D-4BAD-A45A-68B601C010C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*","matchCriteriaId":"3B98981B-4721-4752-BAB4-361DB5AEB86F"},{"vulnerable":true,"criteria":"cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*","matchCriteriaId":"04487105-980A-4943-9360-4442BF0411E6"}]}]}],"references":[{"url":"https://www.vmware.com/security/advisories/VMSA-2019-0018.html","source":"security@vmware.com","tags":["Vendor Advisory"]},{"url":"https://www.vmware.com/security/advisories/VMSA-2019-0018.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}