CVE-2024-22260

VMware Workspace One UEM update addresses an information exposure vulnerability. A malicious actor with network access to the Workspace One UEM may be able to perform an attack resulting in an information exposure...

CVE-2024-22272

VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization within VMware Cloud Director may be able to accidentally disable their organization leading to a Denial of Service for active sessions within their own...

CVE-2024-22276

VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are logged...

CVE-2024-22276

VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are logged...

CVE-2024-22276

VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are logged...

CVE-2024-22276

The CVE-2024-22276 entry concerns VMware Cloud Director Object Storage Extension. Affected component: Object Storage Extension (versions 2.x, 3.0, 3.1; 3.1 listed as unaffected in the advisory). Vulnerability: Insertion of Sensitive Information. Root cause: exposure via adversarial access to web/...

CVE-2024-22272

CVE-2024-22272 concerns VMware Cloud Director vulnerability: improper privilege management that allows an authenticated tenant administrator to accidentally disable their organization, causing a Denial of Service for active sessions within that org. CVSSv3.1 base score 4.9 (AV:N/AC:L/PR:H/UI:N/S:...

CVE-2024-22272

VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization within VMware Cloud Director may be able to accidentally disable their organization leading to a Denial of Service for active sessions within their own...

CVE-2024-22272

VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization within VMware Cloud Director may be able to accidentally disable their organization leading to a Denial of Service for active sessions within their own...

CVE-2024-22260

VMware Workspace One UEM update addresses an information exposure vulnerability. A malicious actor with network access to the Workspace One UEM may be able to perform an attack resulting in an information exposure...

CVE-2024-22260

The CVE-2024-22260 entry relates to VMware Workspace ONE UEM where a network-accessible flaw could expose information. Affected product: VMware Workspace ONE UEM. Root cause/impact: information exposure with high confidentiality and integrity impact per CVSS 3.1 metrics (AV:N, AC:H, PR:N, UI:R; C...

CVE-2024-22260

VMware Workspace One UEM update addresses an information exposure vulnerability. A malicious actor with network access to the Workspace One UEM may be able to perform an attack resulting in an information exposure...

PT-2024-5014 · Vmware · Vmware Cloud Director

Name of the Vulnerable Software and Affected Versions: VMware Cloud Director affected versions not specified Description: The issue is related to improper privilege management, which can lead to a Denial of Service for active sessions within an organization's scope. An authenticated tenant...

The vulnerability of VMware vCenter Server’s software management system is related to deficiencies in authentication procedures, which allow attackers to escalate their privileges.

The vulnerability of VMware vCenter Server’s software management software is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow attackers to gain increased privileges...

VMSA-2024-0014:VMware Cloud Director addresses an improper privilege management vulnerability (CVE-2024-22272)

Advisory ID: | VMSA-2024-0014 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 4.9 Synopsis: | VMware Cloud Director addresses an Improper Privilege Management vulnerability CVE-2024-22272 Issue Date: | 2024-06-27 Updated on: | 2024-06-27 CVEs: | CVE-2024-22272 1. Impacted Products VMware...

VMSA-2024-0015: VMware Cloud Director Object Storage Extension addresses an Insertion of Sensitive Information vulnerability (CVE-2024-22276)

Advisory ID: | VMSA-2024-0015 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 5.3 Synopsis: | VMware Cloud Director Object Storage Extension addresses an Insertion of Sensitive Information vulnerability CVE-2024-22276 Issue Date: | 2024-06-27 Updated On: | 2024-06-27 Initial Advisory CVEs |...

Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty may affect IBM Storage Protect for Virtual Environments: Data Protection for VMware

Summary IBM Storage Protect for Virtual Environments: Data Protection for VMware can be affected by a security flaw in IBM WebSphere Application Server Liberty. The flaw can lead to weaker than expected security for outbound TLS connections, as described in the "Vulnerability Details" section...

VMware ESXi Out-of-Bounds Read Vulnerability (VMSA-2024-0013)

VMware ESXi is prone to an out-of-bounds read vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VMware ESXi Authentication Bypass Vulnerability (VMSA-2024-0013)

VMware ESXi is prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-37085

VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory AD permissions can gain full access to an ESXi host that was previously configured to use AD for user management...