13053 matches found
Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products
Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices. The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 CVSS score:...
VMWare Aria Operations for Networks 6.x < 6.12 Multiple Vulnerabilities (VMSA-2024-0002)
According to its self-reported version, the instance of VMWare Aria Operations for Networks running on the remote web server is 6.x 6.12.0.1706185032. It is, therefore, affected by multiple vulnerabilities: - Aria Operations for Networks contains a local privilege escalation vulnerability. A...
VMware Releases Security Advisory for Aria Operations for Networks
VMware released a security advisory to address multiple vulnerabilities in Aria Operations for Networks. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware security advisory...
Security Bulletin: IBM Sterling Control Center vulnerable to denial of service due to Spring Boot and remote code execution due to Spring Framework
Summary IBM Sterling Control Center containerized image uses VMWare Tanzu Spring Boot and Pivotal Spring Framework. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-20883 DESCRIPTION: VMware Tanzu Spring Boot is vulnerable to a denial...
The vulnerability of the network and application monitoring tool in VMware Aria Operations for Networks, due to deficiencies in access control, allows a malicious actor to elevate their privileges to the root user level.
The vulnerability of the network and application monitoring tool in VMware Aria Operations for Networks is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to elevate their privileges to the level of a root user...
VMware Aria Operations Cross-Site Scripting Vulnerability
VMware Aria Operations is a unified, AI-driven, self-driving IT operations management platform for private, hybrid and multi-cloud environments from VMware, Inc. A security vulnerability exists in VMware Aria Operations for Networks. An attacker could exploit this vulnerability to perform...
VMware Aria Operations Security Vulnerability
VMware Aria Operations is a unified, AI-driven, self-driving IT operations management platform for private, hybrid, and multi-cloud environments from VMware, Inc. A security vulnerability exists in VMware Aria Operations. An attacker could exploit the vulnerability to escalate privileges...
VMware Aria Operations Security Vulnerability
VMware Aria Operations is a unified, AI-driven, self-driving IT operations management platform for private, hybrid and multi-cloud environments from VMware, Inc. A security vulnerability exists in VMware Aria Operations for Networks. An attacker could exploit the vulnerability to escalate...
PT-2024-1682 · Vmware · Vmware Aria Operations For Networks
Name of the Vulnerable Software and Affected Versions: VMware Aria Operations for Networks affected versions not specified Description: The issue is related to a local file read vulnerability in VMware Aria Operations for Networks. This vulnerability can be exploited by a malicious actor with adm...
VMware Aria Operations Security Vulnerability
VMware Aria Operations is a unified, AI-driven, self-driving IT operations management platform for private, hybrid and multi-cloud environments from VMware, Inc. A security vulnerability exists in VMware Aria Operations for Networks. An attacker could exploit the vulnerability to access sensitive...
The vulnerability of the Hitachi Storage Plug-in for VMware vCenter, related to the incorrect use of standard permissions, allows a malicious actor to read and update arbitrary data.
The vulnerability of the Hitachi Storage Plug-in for VMware vCenter is related to the incorrect use of standard permissions. Exploiting this vulnerability allows an attacker to read and update arbitrary data...
Security Bulletin: IBM Observability with Instana is affected by Multiple Security Vulnerabilities
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana build 265. Vulnerability Details CVEID:CVE-2023-20861 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service. By sending a specially crafted SpEL expression, a remote attacker could exploit...
VMSA-2024-0002:VMware Aria Operations for Networks (Formerly vRealize Network Insight) updates address multiple vulnerabilities
Advisory ID: VMSA-2024-0002 CVSSv3 Range: 4.3 - 7.8 Issue Date:2024-02-06 Updated On: 2024-02-06 Initial Advisory CVEs: CVE-2024-22237, CVE-2024-22238, CVE-2024-22239, CVE-2024-22240, CVE-2024-22241 Synopsis: VMware Aria Operations for Networks Formerly vRealize Network Insight updates address...
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in VMware Tanzu Spring Boot
Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of VMware Tanzu Spring Boot . Vulnerability Details CVEID:CVE-2023-34055 DESCRIPTION: VMware Tanzu Spring Boot is vulnerable to a denial of service, caused by a flaw when application uses Spring MVC or...
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to snappy-java information disclosure vulnerabilitiy [CVE-2023-20883]
Summary Potential VMware Tanzu Spring Boot denial of service, vulnerability caused by a flaw when Spring MVC is used together with a reverse proxy cache have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details fo...
File and Directory Permissions Vulnerability in Hitachi Storage Plug-in for VMware vCenter
Overview A File and Directory Permissions Vulnerability exists in Hitachi Storage Plug-in for VMware vCenter. Affected products and versions are listed below. Please upgrade your version to the appropriate version. Impact Regarding the impact of the vulnerability, please refer to the vendor...
Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities
Summary IBM Data Risk Manager IDRM 2.0.6.19, which is the only supported version, is affected by multiple vulnerabilities. The vulnerabilities have been addressed in the updated version of IDRM 2.0.6.20. Please see the remediation steps below to apply the fix. All customers are encouraged to act...
CVE-2024-21840
Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows local users to read and write specific files. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 through 04.9.2...
CVE-2024-21840
Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows local users to read and write specific files. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 through 04.9.2...
Design/Logic Flaw
Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows local users to read and write specific files. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 through 04.9.2...