173 matches found
VMware Issues Patches to Fix New Flaws Affecting Multiple Products
VMware on Wednesday shipped security updates to address vulnerabilities in multiple products that could be potentially exploited by an attacker to take control of an affected system. The six security weaknesses from CVE-2021-22022 through CVE-2021-22027, CVSS scores: 4.4 - 8.6 affect VMware...
VMware vRealize Log Insight 跨站脚本漏洞
Vmware VMware vRealize Log Insight is a centralized log management solution from VMware. The product supports features such as log organization and log analysis. A cross-site scripting vulnerability exists in VMware vRealize Log Insight that stems from insufficient cleansing of user-supplied data...
VMSA-2021-0019:VMware vRealize Log Insight updates address Cross Site Scripting (XSS) vulnerability
Advisory ID: VMSA-2021-0019 CVSSv3 Range: 6.5 Issue Date:2021-08-24 Updated On: 2021-08-24 Initial Advisory CVEs: CVE-2021-22021 Synopsis: VMware vRealize Log Insight updates address Cross Site Scripting XSS vulnerability CVE-2021-22021 RSS Feed Download PDF Download Text File Share this page on...
HPESBGN04151 rev.1 - HPE OneView for VMware vCenter, Remote Cross-Site Scripting
Potential Security Impact: Remote: Cross-Site Scripting XSS SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE OneView for VMware vCenter with Operations Manager and Log Insight - Prior to 10.2 CVSS Scores: | CVE | CVSS Vector | Base Score | | --- | --- | --- | | CVE-2021-26584 |...
The vulnerability of the vRealize Log Insight log management tool lies in the lack of security measures for the website structure, allowing attackers to perform cross-site scripting attacks.
The vulnerability of the log management tool vRealize Log Insight is related to the lack of security measures for the website structure. Exploiting this vulnerability could allow a malicious actor to perform a cross-site scripting attack remotely...
The vulnerability of the vRealize Log Insight log management tool lies in insufficient validation of input data, allowing a hacker to redirect users to a malicious website.
The vulnerability of the vRealize Log Insight log management tool is related to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to redirect users to a malicious website...
VMware vRealize Log Insight 4.x < 8.1.0 XSS Vulnerability (VMSA-2020-0007)
The VMware vRealize Log Insight application running on the remote host is 4.0.0 or later but prior to 8.1.0. It is, therefore, affected by a XSS vulnerability. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid135923; scriptversion"1.3";...
VMware vRealize Log Insight Input Validation Error Vulnerability
VMware vRealize Log Insight provides real-time log management capabilities for VMware environments. An input validation error vulnerability exists in VMware vRealize Log Insight, which stems from the program's inability to properly validate user input. An attacker could exploit the vulnerability...
VMware vRealize Log Insight Cross-Site Scripting Vulnerability (CNVD-2020-27463)
VMware vRealize Log Insight provides real-time log management capabilities for VMware environments. A cross-site scripting vulnerability exists in VMware vRealize Log Insight that originates from the program's inability to properly validate user input. An attacker could exploit the vulnerability ...
CVE-2020-3954
Open Redirect vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation...
CVE-2020-3953
Cross Site Scripting XSS vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation...
CVE-2020-3954
Open Redirect vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation...
Open redirect
Open Redirect vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation...
CVE-2020-3953
Cross Site Scripting XSS vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation...
CVE-2020-3953
CVE-2020-3953 (and CVE-2020-3954) affect VMware vRealize Log Insight prior to 8.1.0 (and 4.x) due to improper input validation. Root cause: input validation failure enabling Cross Site Scripting (XSS) in the UI. Impact described as stored XSS potentially allowing payloads to execute in other user...
CVE-2020-3954
Open Redirect vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation...
CVE-2020-3954
CVE-2020-3954 is an Open Redirect vulnerability in VMware vRealize Log Insight caused by improper input validation. The VMware VMSA-2020-0007 advisory and accompanying tables indicate impact on vRealize Log Insight 8.x (and 4.x) with Open Redirect exploitable via crafted URLs, enabling phishing-s...
VMware Releases Security Updates for vRealize Log Insight
VMware has released security updates to address vulnerabilities in VMware vRealize Log Insight. An attacker could exploit these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review VMware...
VMware vRealize Log Insight addresses Cross Site Scripting (XSS) and Open Redirect vulnerabilities (CVE-2020-3953, CVE-2020-3954)
3a. Cross Site Scripting XSS vulnerabilities in vRealize Log Insight due to improper Input validation CVE-2020-3953 vRealize Log Insight does not properly validate user input, resulting in XSS vulnerabilities. VMware has evaluated the severity of this issue to be in the Important severity range...
VMSA-2020-0007:VMware vRealize Log Insight addresses Cross Site Scripting (XSS) and Open Redirect vulnerabilities
Advisory ID: VMSA-2020-0007.2 CVSSv3 Range: 6.1 - 8.4 Issue Date:2020-04-14 Updated On: 2020-06-24 CVEs: CVE-2020-3953, CVE-2020-3954 Synopsis: VMware vRealize Log Insight addresses Cross Site Scripting XSS and Open Redirect vulnerabilities CVE-2020-3953, CVE-2020-3954 RSS Feed Download PDF...