Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:49 p.m.4 views

CVE-2021-22015

The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance...

7.8CVSS7.1AI score0.01808EPSS
Exploits5References1
Rapid7 Blog
Rapid7 Blog
added 2022/12/09 8:36 p.m.131 views

Metasploit Wrap-Up

Login brute-force utility Jan Rude added a new module that gives users the ability to brute-force login for Linux Syncovery. This expands Framework's capability to scan logins to Syncovery, a popular web GUI for backups. WordPress extension SQL injection module Cydave, destr4ct, and jheysel-r7...

7.5CVSS0.2AI score0.37171EPSS
Exploits16
0day.today
0day.today
added 2022/12/07 12:0 a.m.304 views

VMware vCenter vScalation Privilege Escalation Exploit

This Metasploit module exploits a privilege escalation in vSphere/vCenter due to improper permissions on the /usr/lib/vmware-vmon/java-wrapper-vmon file. It is possible for anyone in the cis group to write to the file, which will execute as root on vmware-vmon service restart or host reboot. This...

7.8CVSS1.6AI score0.01808EPSS
Exploits5
Circl
Circl
added 2021/09/23 4:29 p.m.16 views

CVE-2021-22015

creationtimestamp| type| source ---|---|--- 2021-09-23 16:29:51+00:00| seen| https://t.me/cibsecurity/29287 2021-09-30 07:19:54+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/618 2021-09-30 07:28:29+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/619 2021-10-06...

7.8CVSS8AI score0.01808EPSS
Exploits5References7
CVE
CVE
added 2021/09/23 12:0 a.m.162 views

CVE-2021-22015

This CVE affects VMware vCenter Server (vCenter Appliance) and describes local privilege escalation due to improper permissions on the /usr/lib/vmware-vmon/java-wrapper-vmon file. An authenticated local user in the cis group can write to this file and cause vmware-vmon to run as root, elevating p...

7.8CVSS8AI score0.01808EPSS
Exploits5References2Affected Software2
Tenable Nessus
Tenable Nessus
added 2021/09/22 12:0 a.m.56 views

VMware vCenter Server < 6.5 U3q Multiple Vulnerabilities (VMSA-2021-0020)

The version of VMware vCenter Server installed on the remote host is 6.5 prior to 6.5 U3q. It is, therefore, affected by multiple vulnerabilities: - A privilege escalation vulnerability exists in vCenter Server due to the way it handles session tokens. An authenticated, local attacker can exploit...

9CVSS7.1AI score0.47642EPSS
Exploits5References13
Tenable Nessus
Tenable Nessus
added 2021/09/22 12:0 a.m.113 views

VMware vCenter Server < 7.0 U2c Multiple Vulnerabilities (VMSA-2021-0020)

The version of VMware vCenter Server installed on the remote host is 7.0 prior to 7.0 U2c. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file upload vulnerability exists in the analytics service of vSphere Server. An unauthenticated, remote attacker can exploit this to...

9.8CVSS8.2AI score0.99999EPSS
Exploits17References14
Tenable Nessus
Tenable Nessus
added 2021/09/22 12:0 a.m.264 views

VMware vCenter Server < 6.7 Multiple Vulnerabilities (VMSA-2021-0020)

The version of VMware vCenter Server installed on the remote host is 6.7 prior to 6.7 U3o. It is, therefore, affected by multiple vulnerabilities: - A privilege escalation vulnerability exists in vCenter Server due to the way it handles session tokens. An authenticated, local attacker can exploit...

9.8CVSS7.7AI score0.99999EPSS
Exploits17References17
Rows per page
Query Builder