4 matches found
VMware vCenter Server 6.0 / 6.5 / 6.7 Multiple Vulnerabilities (VMSA-2019-0013)
The version of VMware vCenter Server installed on the remote host is 6.0 prior to U3j, 6.5 prior to U3, or 6.7 prior to U3, and is, therefore, affected by the following vulnerabilities: - An information disclosure vulnerability caused by insufficient session expiration. This allows an attacker wi...
CVE-2019-5534
Summary (CVE-2019-5534): VMware vCenter Server and related ESXi/Vsphere components are affected by an information-disclosure issue in OVF deployments, where vAppConfig properties can reveal credentials (typically root) used to deploy the OVF. A malicious actor with access to query these vAppConfi...
VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities. (CVE-2017-16544, CVE-2019-5531, CVE-2019-5532, CVE-2019-5534)
3a. VMware ESXi 'busybox' command injection vulnerability- CVE-2017-16544 ESXi contains a command injection vulnerability due to the use of vulnerable version of busybox that does not sanitize filenames which may result into executing any escape sequence in the shell. VMware has evaluated the...
VMSA-2019-0013:VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities.
VMware Security Advisories Advisory ID| VMSA-2019-0013.1 ---|--- Advisory Severity| Important CVSSv3 Range| 4.2-7.7 Synopsis| VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities. CVE-2017-16544, CVE-2019-5531, CVE-2019-5532, CVE-2019-5534...