1050 matches found
CVE-2022-31698
The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header...
CVE-2022-31697
The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation Install/Upgrade/Migrate/Restore can access plaintext passwords used during that...
Information disclosure
The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation Install/Upgrade/Migrate/Restore can access plaintext passwords used during that...
Denial of service
The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header...
CVE-2022-31698
The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header...
CVE-2022-31698
The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header...
CVE-2022-31697
The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation Install/Upgrade/Migrate/Restore can access plaintext passwords used during that...
CVE-2022-31697
CVE-2022-31697 is an information disclosure vulnerability in VMware vCenter Server where credentials are logged in plaintext during operations on the vCenter Appliance ISO (Install/Upgrade/Migrate/Restore). The underlying issue enables a local attacker who has access to the workstation invoking t...
PT-2022-20894 · Vmware · Vcenter Server +1
Name of the Vulnerable Software and Affected Versions: vCenter Server affected versions not specified Description: The vCenter Server contains an information disclosure issue due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Serv...
CVE-2022-31698
The CVE-2022-31698 entry concerns VMware vCenter Server (and related ESXi components) with a denial-of-service in the content library service. According to the provided documents, a remote attacker who can access port 443 over the network can trigger a DoS by sending a specially crafted header, l...
CVE-2022-31697
The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation Install/Upgrade/Migrate/Restore can access plaintext passwords used during that...
VMware vCenter Server Content Library denial of service vulnerability
Talos Vulnerability Report TALOS-2022-1588 VMware vCenter Server Content Library denial of service vulnerability December 13, 2022 CVE Number CVE-2022-31698 SUMMARY A denial of service vulnerability exists in the Content Library functionality of VMware vCenter Server 6.5 Update 3t. A...
VMware vCenter Server local privilege elevation
Added: 12/12/2022 Background VMware vCenter Server is server management software for controlling VMware vSphere environments. Problem Improper permissions on the java-wrapper-vmon file allow authenticated, unprivileged attackers to gain root privileges. Resolution Upgrade to vCenter Server 7.0 U2...
VMware vCenter Server local privilege elevation
Added: 12/12/2022 Background VMware vCenter Server is server management software for controlling VMware vSphere environments. Problem Improper permissions on the java-wrapper-vmon file allow authenticated, unprivileged attackers to gain root privileges. Resolution Upgrade to vCenter Server 7.0 U2...
VMware ESXi和vCenter Server 信息泄露漏洞
VMware ESXi and VMware vCenter Server are both products of VMware, Inc. VMware ESXi is a server virtualization platform that can be installed directly on physical servers. vMware vCenter Server is a suite of server and virtualization management software. The software provides a centralized platfo...
VMware ESXi和vCenter Server 安全漏洞
VMware ESXi and VMware vCenter Server are both products of VMware, Inc. VMware ESXi is a server virtualization platform that can be installed directly on physical servers. vMware vCenter Server is a suite of server and virtualization management software. The software provides a centralized platfo...
VMware ESXi和vCenter Server 缓冲区错误漏洞
VMware ESXi and VMware vCenter Server are both products of VMware, Inc. VMware ESXi is a server virtualization platform that can be installed directly on physical servers. vMware vCenter Server is a suite of server and virtualization management software. The software provides a centralized platfo...
Vulnerabilities fixed in VMware vCenter and ESXi
VMWare has fixed several vulnerabilities in vCenter Server and ESXi. A malicious party could exploit the vulnerabilities to cause a denial-of-service, to gain access to sensitive data, including cleat-text passwords and, under certain circumstances to break out of the sandbox of a guest environme...
VMSA-2022-0030:VMware ESXi and vCenter Server updates address multiple security vulnerabilities
Advisory ID: VMSA-2022-0030 CVSSv3 Range: 4.2-7.5 Issue Date:2022-12-08 Updated On: 2022-12-08 Initial Advisory CVEs: CVE-2022-31696, CVE-2022-31697, CVE-2022-31698, CVE-2022-31699 Synopsis: VMware ESXi and vCenter Server updates address multiple security vulnerabilities CVE-2022-31696,...
VMware vCenter Server 6.5 < 6.5 U3u RCE (VMSA-2022-0025)
The version of VMware vCenter Server installed on the remote host is 6.5 prior to 6.5 U3u. It is, therefore, affected by a remote code execution vulnerability due to unsafe deserialization. A remote attacker with admin privileges on the affected server can exploit this vulnerability to execute...