


Category:   Application (Generic)  >   VMware vCenter Vendors:   VMware
VMware vCenter Chargeback Manager File Upload Flaw Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1028653
CVE Reference:   CVE-2013-3520
Date:  Jun 11 2013
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Chargeback Manager prior to 2.5.1
Description:   A vulnerability was reported in VMware vCenter Chargeback Manager. A remote user can execute arbitrary code on the target system.

A remote user can exploit a file upload flaw to execute arbitrary code on the target system.

Andrea Micalizzi, aka rgod, reported this vulnerability (via HP's Zero Day Initiative).

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   The vendor has issued a fix (2.5.1).

The vendor's advisory is available at:

Vendor URL:
Cause:   Not specified
Underlying OS:  Windows (2003), Windows (2008)

Message History:   None.

 Source Message Contents

Subject:  [Security-announce] NEW VMSA-2013-0008 VMware vCenter Chargeback Manager Remote Code Execution


- -----------------------------------------------------------------------
                   VMware Security Advisory

Advisory ID: VMSA-2013-0008
Synopsis:    VMware vCenter Chargeback Manager Remote Code Execution
Issue date:  2013-06-11
Updated on:  2013-06-11 (initial advisory)
CVE number:  CVE-2013-3520
- -----------------------------------------------------------------------

1. Summary

    The vCenter Chargeback Manager contains a critical vulnerability 
    that allows for remote code execution.

2. Relevant releases

    VMware vCenter Chargeback Manager prior to version 2.5.1

3. Problem Description 

   a. vCenter Chargeback Manager Remote Code Execution
      The vCenter Chargeback Manager (CBM) contains a flaw in its 
      handling of file uploads. Exploitation of this issue may 
      allow an unauthenticated attacker to execute code remotely.

      VMware would like to thank Andrea Micalizzi, aka rgod, for 
      reporting this issue to us through HP's Zero Day Initiative (ZDI).

      The Common Vulnerabilities and Exposures project (
      has assigned the name CVE-2013-3520 to this issue. 

      Column 4 of the following table lists the action required to
      remediate the vulnerability in each release, if a solution is 

        VMware         Product   Running   Replace with/
        Product        Version   on        Apply Patch
        =============  =======   =======   =================
        CBM            2.0.1     any       CBM 2.5.1
        CBM            2.5       any       CBM 2.5.1

4. Solution

      Please review the patch/release notes for your product and version 
      and verify the checksum of your downloaded file. 

      VMware vCenter Chargeback Manager

      Download link:

      Release Notes:

5. References

- -----------------------------------------------------------------------

6. Change log

   2013-06-11 VMSA-2013-0008
   Initial security advisory in conjunction with the release of 
   CBM 2.5.1 on 2013-06-11.

- -----------------------------------------------------------------------

7. Contact

   E-mail list for product security notifications and announcements:
   This Security Advisory is posted to the following lists:
     * security-announce at
     * bugtraq at
     * full-disclosure at
   E-mail:  security at
   PGP key at:
   VMware Security Advisories
   VMware security response policy
   General support life cycle policy
   VMware Infrastructure support life cycle policy
   Copyright 2013 VMware Inc. All rights reserved.

