Lucene search
K

8 matches found

hivepro
hivepro
added 2023/10/27 1:16 p.m.61 views

Vmware vCenter Flaws Leading to RCE Attacks

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Two vulnerabilities, CVE-2023-34048 and CVE-2023-34056, were identified in VMware vCenter Server, a server management software used for centralized management of virtual machines and ESXi hosts...

7.5CVSS7.8AI score0.99428EPSS
Exploits1
Circl
Circl
added 2023/10/26 12:34 p.m.7 views

CVE-2023-34056

creationtimestamp| type| source ---|---|--- 2023-10-26 12:34:20+00:00| seen| https://t.me/truesecator/5008...

4.3CVSS7.1AI score0.00667EPSS
Exploits0References1
OSV
OSV
added 2023/10/25 6:17 p.m.2 views

CVE-2023-34056

vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data...

4.3CVSS5.8AI score0.00667EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2023/10/25 6:44 a.m.42 views

Update vCenter Server now! VMWare fixes critical vulnerability

VMWare has issued an update to address one out-of-bounds write and one information disclosure vulnerability in its server management software, vCenter Server. Since there are no in-product workarounds, customers are advised to apply the updates urgently. The affected products are VMware vCenter...

7.5CVSS7.4AI score0.99428EPSS
Exploits1
CVE
CVE
added 2023/10/25 4:24 a.m.234 views

CVE-2023-34056

CVE-2023-34056 affects VMware vCenter Server, with a partial information disclosure vulnerability where a remote attacker with non-administrative privileges can access data they should not see. Affected versions are vCenter Server 7.0 before 7.0U3o and 8.0 before 8.0U2. The root cause is improper...

4.3CVSS4.6AI score0.00667EPSS
In wildExploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/25 4:24 a.m.32 views

CVE-2023-34056 VMware vCenter Server Partial Information Disclosure Vulnerability

vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data...

4.3CVSS4.6AI score0.00667EPSS
Exploits0References1
VMware
VMware
added 2023/10/25 12:0 a.m.30 views

VMware vCenter Server updates address out-of-bounds write and information disclosure vulnerabilities (CVE-2023-34048, CVE-2023-34056)

3a. VMware vCenter Server Out-of-Bounds Write Vulnerability CVE-2023-34048 vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base sco...

7.5CVSS6.4AI score0.99428EPSS
Exploits1References8Affected Software2
ATTACKERKB
ATTACKERKB
added 2023/10/25 12:0 a.m.58 views

CVE-2023-34056

vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

4.3CVSS4.5AI score0.00667EPSS
In wildExploits0References2
Rows per page
Query Builder