1050 matches found
CVE-2017-4922
VMware vCenter Server 6.5 prior to 6.5 U1 contains an information disclosure issue due to the service startup script using world writable directories as temporary storage for critical information. Successful exploitation of this issue may allow unprivileged host users to access certain critical...
CVE-2017-4921
VMware vCenter Server 6.5 prior to 6.5 U1 contains an insecure library loading issue that occurs due to the use of LDLIBRARYPATH variable in an unsafe manner. Successful exploitation of this issue may allow unprivileged host users to load a shared library that may lead to privilege escalation...
CVE-2017-4923
VMware vCenter Server 6.5 prior to 6.5 U1 contains an information disclosure vulnerability. This issue may allow plaintext credentials to be obtained when using the vCenter Server Appliance file-based backup feature...
CVE-2017-4921
VMware vCenter Server 6.5 prior to 6.5 U1 contains an insecure library loading issue that occurs due to the use of LDLIBRARYPATH variable in an unsafe manner. Successful exploitation of this issue may allow unprivileged host users to load a shared library that may lead to privilege escalation...
CVE-2017-4922
VMware vCenter Server 6.5 prior to 6.5 U1 contains an information disclosure issue due to the service startup script using world writable directories as temporary storage for critical information. Successful exploitation of this issue may allow unprivileged host users to access certain critical...
CVE-2017-4921
The CVE-2017-4921 issue affects VMware vCenter Server 6.5 prior to 6.5 U1. The root cause is an insecure library loading mechanism that uses LD_LIBRARY_PATH in an unsafe way, which can allow an unprivileged host user to load a shared library and potentially escalate privileges. Relevant connected...
CVE-2017-4923
CVE-2017-4923 affects VMware vCenter Server Appliance backup: version 6.5 before 6.5 U1 stores sensitive backup data in plaintext, enabling information disclosure. Root cause: plaintext storage of credentials in the vCenter backup feature. Impact: plaintext credentials disclosure possible via fil...
CVE-2017-4922
The CVE-2017-4922 entry affects VMware vCenter Server (6.5 prior to 6.5 U1) and is an information-disclosure vulnerability caused by the service startup script using world-writable directories for temporary storage. This design allows unprivileged host users to access certain sensitive informatio...
CVE-2017-4923
VMware vCenter Server 6.5 prior to 6.5 U1 contains an information disclosure vulnerability. This issue may allow plaintext credentials to be obtained when using the vCenter Server Appliance file-based backup feature...
VMware vCenter Server DLL Load Local Elevation of Privilege Vulnerability
VMware vCenter Server is a suite of server and virtualization management software from VMware. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. A local lift vulnerability exists in VMware...
VMware vCenter Server Information Disclosure Vulnerability (CNVD-2017-26825)
VMware vCenter Server is a suite of server and virtualization management software from VMware. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. An information disclosure vulnerability exis...
VMware vCenter Server Local Information Disclosure Vulnerability
VMware vCenter Server is a suite of server and virtualization management software from VMware. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. A local information disclosure vulnerability...
VMware vCenter Server Appliance 6.5 < 6.5 U1 Multiple Vulnerabilities (VMSA-2017-0013)
The version of VMware vCenter Server Appliance installed on the remote host is 6.5 prior to 6.5 Update 1 6.5 U1. It is, therefore, affected by multiple vulnerabilities : - An insecure library loading issue exists due to the use of the LDLIBRARYPATH variable to look for specific files or libraries...
Design/Logic Flaw
VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate...
CVE-2017-4919
VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate...
CVE-2017-4919
VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate...
CVE-2017-4919
VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate...
CVE-2017-4919
CVE-2017-4919 concerns VMware vCenter Server (versions 5.5, 6.0, 6.5) where vSphere users with limited privileges could use the VIX API to access Guest Operating Systems without authentication. The VMware VIX API VM Direct Access Function vulnerability stems from a capability that lets certain ma...
VMware vCenter Server Elevation of Privilege Vulnerability
VMware vCenter Server is a suite of server and virtualization management software from VMware. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. A security vulnerability exists in VMware...
VMSA-2017-0013:VMware vCenter Server and Tools updates resolve multiple security vulnerabilities
VMSA-2017-0013 VMware vCenter Server and Tools updates resolve multiple security vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0013 VMware Security Advisory Severity: Moderate VMware Security Advisory Synopsis: VMware vCenter Server and Tools updates...