22 matches found
EUVD-2016-6287
Malware in sbrugna...
EUVD-2015-2437
Malware in sbrugna...
EUVD-2018-18702
Malware in sbrugna...
多款VMware产品安全漏洞
VMware vRealize Automation and others are products of VMware, Inc. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vMware Workspace One Access is a centralized management console that enables you to manage users and groups, set and manage...
多款VMware产品授权问题漏洞
VMware vRealize Automation is a management tool that provides self-service, supervisory multi-cloud automation.VMware Workspace One Access is a centralized management console through which you can manage users and groups, set and manage authentication and access policies, and add resources to the...
Jenkins VMware vRealize Automation Plugin Missing Encryption of Sensitive Data
Jenkins VMware vRealize Automation Plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...
多款 VMware 产品授权问题漏洞
Vmware vRealize Automation and others are products of Vmware, Inc. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is a management tool that provides self-service, supervised multi-cloud automation. vRealize Automation is...
VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)
1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...
CVE-2019-1003068
Jenkins VMware vRealize Automation Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-1003068
Jenkins VMware vRealize Automation Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2019-1003068
Jenkins VMware vRealize Automation Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
VMware vRealize Automation 7.0.x / 7.1.x / 7.2.x / 7.3.x < 7.3.1 DOM-based XSS Vulnerability (VMSA-2018-0009)
The version of VMware vRealize Automation installed on the remote host is 7.0.x, 7.1.x, 7.2.x, or 7.3.x 7.3.1. It is, therefore, affected by vulnerability that may allow for a DOM-based cross-site scripting XSS attack. Exploitation of this issue may lead to the compromise of the vRA user's...
VMware vRealize Automation 7.0.x / 7.1.x / 7.2.x / 7.3.x Session IDs Handling Vulnerability (VMSA-2018-0009)
The version of VMware vRealize Automation installed on the remote host is 7.0.x, 7.1.x, 7.2.x, or 7.3.x. It is, therefore, affected by a vulnerability in handling of session IDs. Exploitation of this issue may lead to the hijacking of a valid vRA user's session. C Tenable Network Security, Inc...
VMware vRealize Automation 6.x / 7.x Information Disclosure Vulnerability (VMSA-2018-0021
The version of VMware vRealize Automation installed on the remote host is 6.x or 7.x. It is, therefore, affected by an information disclosure vulnerability. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid112209; scriptversion"1.5";...
Cross site scripting
VMware vRealize Automation vRA prior to 7.3.1 contains a vulnerability that may allow for a DOM-based cross-site scripting XSS attack. Exploitation of this issue may lead to the compromise of the vRA user's workstation...
VMware vRealize Automation Deserialization Vulnerability (VMSA-2018-0006)
The VMware vRealize Automation application running on the remote host is version 7.2 or 7.3 and is missing security patches indicated in the vendor advisory. It is, therefore, affected by a deserialization vulnerability. TRUSTED...
CVE-2017-4947
VMware vRealize Automation 7.3 and 7.2 and vSphere Integrated Containers 1.x before 1.3 contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote attackers to execute arbitrary code on the appliance...
VMware vRealize Automation 7.0.x < 7.1 Multiple Vulnerabilities (VMSA-2016-0013)
The VMware vRealize Automation application running on the remote host is version 7.0.x prior to 7.1. It is, therefore, affected by the following vulnerabilities : - An unspecified flaw exists that allows a local attacker to elevate privileges from a low-privileged account to root access...
VMware vRealize Automation Detection (HTTP)
HTTP based detection of VMware vRealize Automation. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
VMware vRealize Automation Web UI Detection
Binary data vmwarevrealizeautomationwebuidetect.nbin...