6 matches found
CVE-2019-5531
VMware vSphere ESXi 6.7 prior to ESXi670-201810101-SG, 6.5 prior to ESXi650-201811102-SG, and 6.0 prior to ESXi600-201807103-SG and VMware vCenter Server 6.7 prior to 6.7 U1b, 6.5 prior to 6.5 U2b, and 6.0 prior to 6.0 U3j contain an information disclosure vulnerability in clients arising from...
ESXi 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2019-0013)
The remote VMware ESXi host is version 6.0, 6.5 or 6.7 and is affected the following vulnerabilities: - A remote code execution vulnerability caused by a failure to sanitize filenames in the tab autocomplete feature of BusyBox. This allows an attacker to execute arbitrary code, write arbitrary...
VMware vCenter Server 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2019-0013)
The version of VMware vCenter Server installed on the remote host is 6.0 prior to U3j, 6.5 prior to U3, or 6.7 prior to U3, and is, therefore, affected by the following vulnerabilities: - An information disclosure vulnerability caused by insufficient session expiration. This allows an attacker wi...
CVE-2019-5531
Summary (validated by connected documents): CVE-2019-5531 affects VMware vSphere ESXi (6.7, 6.5, 6.0 lines) and vCenter Server (6.7, 6.5, 6.0 lines) due to an information disclosure vulnerability caused by insufficient session expiration. An attacker with physical access or who can mimic a websoc...
VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities. (CVE-2017-16544, CVE-2019-5531, CVE-2019-5532, CVE-2019-5534)
3a. VMware ESXi 'busybox' command injection vulnerability- CVE-2017-16544 ESXi contains a command injection vulnerability due to the use of vulnerable version of busybox that does not sanitize filenames which may result into executing any escape sequence in the shell. VMware has evaluated the...
VMSA-2019-0013:VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities.
VMware Security Advisories Advisory ID| VMSA-2019-0013.1 ---|--- Advisory Severity| Important CVSSv3 Range| 4.2-7.7 Synopsis| VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities. CVE-2017-16544, CVE-2019-5531, CVE-2019-5532, CVE-2019-5534...