1050 matches found
CVE-2019-5538
Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance 6.7 before 6.7u3a and 6.5 before 6.5u3d may allow a malicious actor to intercept sensitive data in transit over SCP...
Information disclosure
Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance 6.7 before 6.7u3a and 6.5 before 6.5u3d may allow a malicious actor to intercept sensitive data in transit over FTP...
Information disclosure
Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance 6.7 before 6.7u3a and 6.5 before 6.5u3d may allow a malicious actor to intercept sensitive data in transit over SCP...
CVE-2019-5538
CVE-2019-5538 concerns a lack of certificate validation during VMware vCenter Server Appliance File-Based Backup and Restore, enabling a man-in-the-middle to intercept data in transit over SCP. Affected products are VMware vCenter Server Appliance 6.7 (before 6.7u3a) and 6.5 (before 6.5u3d). The ...
CVE-2019-5538
Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance 6.7 before 6.7u3a and 6.5 before 6.5u3d may allow a malicious actor to intercept sensitive data in transit over SCP...
CVE-2019-5537
Vulnerability: CVE-2019-5537 affects VMware vCenter Server Appliance 6.7 (before 6.7u3a) and 6.5 (before 6.5u3d), arising from lack of certificate validation in File-Based Backup and Restore, enabling an MITM attacker to intercept data in transit over FTPS/HTTPS. Connected advisory VMSA-2019-0018...
CVE-2019-5537
Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance 6.7 before 6.7u3a and 6.5 before 6.5u3d may allow a malicious actor to intercept sensitive data in transit over FTP...
VMware vCenter Server Appliance Information Disclosure Vulnerability (CNVD-2019-39366)
VMware vCenter Server is a suite of server and virtualization management software from VMware. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. An information disclosure vulnerability exis...
VMware vCenter Server Appliance Multiple Information Disclosure Vulnerabilities
Description VMware vCenter Server Appliance is prone to multiple information-disclosure vulnerabilities. Attackers can exploit these issues to obtain sensitive information that may aid in further attacks. VMware vCenter Server 6.5 and 6.7 are vulnerable; other versions may also be affected...
VMSA-2019-0018:VMware vCenter Server Appliance updates address sensitive information disclosure vulnerability in backup and restore functions
VMware Security Advisories Advisory ID| VMSA-2019-0018 ---|--- Advisory Severity| Moderate CVSSv3 Range| 6.8 Synopsis| VMware vCenter Server Appliance updates address sensitive information disclosure vulnerability in backup and restore functions CVE-2019-5537, CVE-2019-5538 Issue Date| 2019-10-24...
VMware vCenter Server 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2019-0013)
The version of VMware vCenter Server installed on the remote host is 6.0 prior to U3j, 6.5 prior to U3, or 6.7 prior to U3, and is, therefore, affected by the following vulnerabilities: - An information disclosure vulnerability caused by insufficient session expiration. This allows an attacker wi...
Information disclosure
VMware vSphere ESXi 6.7 prior to ESXi670-201810101-SG, 6.5 prior to ESXi650-201811102-SG, and 6.0 prior to ESXi600-201807103-SG and VMware vCenter Server 6.7 prior to 6.7 U1b, 6.5 prior to 6.5 U2b, and 6.0 prior to 6.0 U3j contain an information disclosure vulnerability in clients arising from...
CVE-2019-5531
VMware vSphere ESXi 6.7 prior to ESXi670-201810101-SG, 6.5 prior to ESXi650-201811102-SG, and 6.0 prior to ESXi600-201807103-SG and VMware vCenter Server 6.7 prior to 6.7 U1b, 6.5 prior to 6.5 U2b, and 6.0 prior to 6.0 U3j contain an information disclosure vulnerability in clients arising from...
CVE-2019-5534
VMware vCenter Server 6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j contains an information disclosure vulnerability where Virtual Machines deployed from an OVF could expose login information via the virtual machine's vAppConfig properties. A malicious actor with access to...
CVE-2019-5532
VMware vCenter Server 6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j contains an information disclosure vulnerability due to the logging of credentials in plain-text for virtual machines deployed through OVF. A malicious user with access to the log files containing vCenter...
CVE-2019-5532
VMware vCenter Server 6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j contains an information disclosure vulnerability due to the logging of credentials in plain-text for virtual machines deployed through OVF. A malicious user with access to the log files containing vCenter...
Information disclosure
VMware vCenter Server 6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j contains an information disclosure vulnerability where Virtual Machines deployed from an OVF could expose login information via the virtual machine's vAppConfig properties. A malicious actor with access to...
Information disclosure
VMware vCenter Server 6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j contains an information disclosure vulnerability due to the logging of credentials in plain-text for virtual machines deployed through OVF. A malicious user with access to the log files containing vCenter...
CVE-2019-5532
VMware vCenter Server 6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j contains an information disclosure vulnerability due to the logging of credentials in plain-text for virtual machines deployed through OVF. A malicious user with access to the log files containing vCenter...
CVE-2019-5532
CVE-2019-5532 affects VMware vCenter Server and is an information-disclosure vulnerability caused by plain-text logging of OVF deployment credentials. A malicious user with access to vCenter OVF log files could view credentials (typically root) used to deploy the VM. Affected product lines includ...