1050 matches found
CVE-2024-22274
The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system...
CVE-2024-22275
The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data...
CVE-2024-22274
The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system...
CVE-2024-22275
The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data...
CVE-2024-22275
The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data...
CVE-2024-22275
CVE-2024-22275 affects VMware vCenter Server and is a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell can exploit it to read arbitrary sensitive data from files, with Confidentiality impact rated High and other impacts not affected....
CVE-2024-22274
The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system...
CVE-2024-22274
VMware vCenter Server CVE-2024-22274 is an authenticated RCE that requires an admin on the vCenter appliance shell to run arbitrary OS commands. Public IBM Red Hat and other advisories confirm the issue and severity (CVSS 7.2, High) with a path to remediation: upgrade vCenter to a fixed release (...
CVE-2024-22274
The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system...
VMware vCenter Server 安全漏洞
VMware vCenter Server is a suite of server and virtualization management software from VMware. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. A security vulnerability exists in VMware...
PT-2024-4600 · Vmware · Vmware Vcenter Server +1
Name of the Vulnerable Software and Affected Versions: VMware vCenter Server affected versions not specified Description: The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit...
VMSA-2024-0011:VMware ESXi, Workstation, Fusion and vCenter Server updates address multiple security vulnerabilities (CVE-2024-22273, CVE-2024-22274, CVE-2024-22275)
Advisory ID: | VMSA-2024-0011.1 ---|--- Advisory Severity: | Important CVSSv3 Range: | 4.9-8.1 Synopsis: | VMware ESXi, Workstation, Fusion and vCenter Server updates address multiple security vulnerabilities CVE-2024-22273, CVE-2024-22274, CVE-2024-22275 Issue date: | 2024-05-21 Issue date: |...
VMware vCenter Server Out-of-Bounds Write Vulnerability
VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol that allows an attacker to conduct remote code execution...
Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years
An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been attributed to the abuse of a critical vulnerability in VMware vCenter Server as a zero-day since late 2021. "UNC3886 has a track record of utilizing...
Critical CVEs in Outdated Versions of Atlassian Confluence and VMware vCenter Server
Rapid7 is highlighting two critical vulnerabilities in outdated versions of widely deployed software this week. Atlassian disclosed CVE-2023-22527, a template injection vulnerability in Confluence Server with a maxed-out CVSS score of 10, while VMware pushed a fresh update to its October 2023...
VulnCheck KEV: CVE-2023-34048
VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol that allows an attacker to conduct remote code execution...
PT-2024-4871 · Vmware · Vcenter Server +1
Name of the Vulnerable Software and Affected Versions: vCenter Server affected versions not specified Description: The issue is related to insufficient protection of internal data in the vCenter Server, which may allow a remote attacker to disclose sensitive information. A malicious actor with...
How to update vCenter Server certification in Citrix environments
Outlines the steps of how to update vCenter Server certification in on-premises and Cloud DaaS Citrix environments...
How to migrate to new vcenter host connection
Change Citrix to the new vCenter server...
VMware vCenter Server Appliance DCE/RPC Protocol Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware vCenter Server Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of DCE/RPC protocol. The issue results from the lack ...