8 matches found
VMWare Cloud Foundation NSX-V - XML External Entity (XXE)
VMware Cloud Foundation NSX-V contains an XML External Entity XXE vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure. id: CVE-2022-31678 info: name: VMWare Cloud...
CVE-2022-31678
VMware Cloud Foundation NSX-V contains an XML External Entity XXE vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure...
Changes in OWASP API Security Top-10 2023RC | API Security Newsletter
Welcome to our March API newsletter, recapping some of the events of last month. And what a month it was. Among other buzzworthy news, OWASP published the initial Release Candidate for the 2023 API Security Top-10 list – we analyzed the ins & outs and presented them over the course of a couple of...
CVE-2022-31678
VMware Cloud Foundation NSX-V contains an XML External Entity XXE vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure...
CVE-2022-31678
VMware Cloud Foundation NSX-V contains an XML External Entity XXE vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure...
CVE-2022-31678
Summary: CVE-2022-31678 is an XXE vulnerability in VMware Cloud Foundation’s NSX-V component used with VCF 3.x, allowing denial of service or unintended information disclosure. The root cause is an XML External Entity flaw in NSX-V parsing, enabling crafted XML to cause adverse effects. Impact: B...
CVE-2022-31678
creationtimestamp| type| source ---|---|--- 2022-10-26 13:20:03+00:00| seen| https://t.me/truesecator/3619 2022-10-27 11:04:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/7054 2022-10-30 00:35:31+00:00| seen| https://t.me/cibsecurity/52192 2022-11-13 21:29:01+00:00|...
VMware Releases Patch for Critical RCE Flaw in Cloud Foundation Platform
VMware on Tuesday shipped security updates to address a critical security flaw in its VMware Cloud Foundation product. Tracked as CVE-2021-39144, the issue has been rated 9.8 out of 10 on the CVSS vulnerability scoring system, and relates to a remote code execution vulnerability via XStream open...