3 matches found
CVE-2016-7460
The Single Sign-On feature in VMware vCenter Server 5.5 before U3e and 6.0 before U2a and vRealize Automation 6.x before 6.2.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration in conjunction with an entity...
CVE-2016-7460
CVE-2016-7460 refers to an XML External Entity (XXE) vulnerability in the Single Sign-On feature of VMware products. Affects vCenter Server 5.5 before U3e and 6.0 before U2a, and vRealize Automation 6.x before 6.2.5. A specially crafted XML document containing an external entity declaration and a...
VMware vCenter Server 5.5.x < 5.5u3e / 6.0.x < 6.0u2a Multiple XXE Vulnerabilities (VMSA-2016-0022)
The version of VMware vCenter Server installed on the remote host is 5.5.x prior to 5.5u3e or 6.0.x prior to 6.0u2a. It is, therefore, affected by multiple XML external entity XXE vulnerabilities : - Multiple XML external entity XXE vulnerabilities exist in the Log Browser, the Distributed Switch...