1050 matches found
VMware vCenter Server 安全漏洞
VMware vCenter Server is a suite of server and virtualization management software from VMware. The software provides a centralized platform for managing VMware vSphere environments that automates the implementation and delivery of virtual infrastructures. A security vulnerability exists in VMware...
CVE-2024-38813
The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker...
CVE-2024-38812
The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution. Recent...
PT-2024-6469
Name of the Vulnerable Software and Affected Versions VMware vCenter Server affected versions not specified Description The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges t...
PT-2024-6262
Name of the Vulnerable Software and Affected Versions VMware vCenter Server versions 7.0 through 8.0 VMware Cloud Foundation versions 7.0 through 8.0 Description VMware vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with netwo...
VMware vCenter Server vmdir Information Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware vCenter Server vmdir Information Disclosure', 'Description' = %q This module uses an anonymous-bind LDAP connection to dump data from the...
VMware VCenter Server Vmdir Authentication Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware vCenter Server vmdir Authentication Bypass', 'Description' = %q This module bypasses LDAP authentication in VMware vCenter Server's vmdir...
Vulnerabilities fixed in VMware ESXi and vCenter Server
VMware has fixed vulnerabilities in ESXi and vCenter Server. A malicious party can exploit the vulnerabilities to cause a denial-of-service on the host, or to grant itself elevated privileges to perform actions that the malicious party is not initially authorized to perform. This does require the...
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-34102 Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference XXE Vulnerability CVE-2024-28995 SolarWinds Serv-U Path...
VMware vCenter Server Incorrect Default File Permissions Vulnerability
VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensitive information...
Citrix Virtual Apps and Desktop - Machine Creation (MCS, PVS, App Layering)
Introduction This article is a summary of the top support articles related to Machine Creation including MCS, PVS and App Layering Top Support Knowledge Content Host Connections and Resource Errors CTX224551 - Delivery Controller cannot contact vCenter server after certificate update on vCenter...
The vulnerability of the software for managing VMware vCenter Server’s virtual infrastructure arises from improper code generation, allowing an attacker to execute arbitrary code.
The vulnerability of VMware vCenter Server’s software management software is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the software for managing virtual infrastructure such as VMware vCenter Server and VMware Cloud Foundation allows a malicious actor to trigger service failures due to uncontrolled resource consumption.
The vulnerability of the software for managing virtual infrastructure such as VMware vCenter Server and VMware Cloud Foundation is related to an uncontrolled consumption of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
VMware vCenter Server 7.0 < 7.0U3q / 8.0 < 8.0U3 DoS (CVE-2024-37087)
The version of VMware vCenter Server installed on the remote host is 7.0 prior to 7.0U3q, or 8.0 prior to 8.0U3. It is, therefore, affected by an denial-of-service vulnerability as referenced in the VMSA-2024-0013 advisory. Note that Nessus has not tested for these issues but has instead relied...
The vulnerability of VMware vCenter Server’s software management system is related to deficiencies in authentication procedures, which allow attackers to escalate their privileges.
The vulnerability of VMware vCenter Server’s software management software is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow attackers to gain increased privileges...
CVE-2024-37087
The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may create a denial-of-service condition...
CVE-2024-37087
The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may create a denial-of-service condition...
CVE-2024-37087
The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may create a denial-of-service condition...
CVE-2024-37087
The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may create a denial-of-service condition...
CVE-2024-37087
CVE-2024-37087 : VMware vCenter Server suffers a Denial of Service due to improper input validation in the License Server. A remote attacker with network access can trigger DoS. The issue is rated moderate (CVSSv3 base 5.3). Remediation per connected sources includes upgrading to fixed versions: ...