5 matches found
VMware vCenter Server H5 Client Stored XSS Vulnerability (VMSA-2017-0015)
VMware vCenter Server is prone to a cross-site scripting XSS vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...
Privilege escalation
VMware vCenter Server 6.5 prior to 6.5 U1 contains an insecure library loading issue that occurs due to the use of LDLIBRARYPATH variable in an unsafe manner. Successful exploitation of this issue may allow unprivileged host users to load a shared library that may lead to privilege escalation...
Information disclosure
VMware vCenter Server 6.5 prior to 6.5 U1 contains an information disclosure issue due to the service startup script using world writable directories as temporary storage for critical information. Successful exploitation of this issue may allow unprivileged host users to access certain critical...
CVE-2017-4923
VMware vCenter Server 6.5 prior to 6.5 U1 contains an information disclosure vulnerability. This issue may allow plaintext credentials to be obtained when using the vCenter Server Appliance file-based backup feature...
CVE-2017-4923
VMware vCenter Server 6.5 prior to 6.5 U1 contains an information disclosure vulnerability. This issue may allow plaintext credentials to be obtained when using the vCenter Server Appliance file-based backup feature...