15 matches found
VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)
1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...
VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)
1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...
VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)
1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...
GHSA-W4X5-JQQ4-QC8X SQL Injection in Cloud Native Computing Foundation Harbor
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via project quotas in the VMware Harbor Container Registry for the Pivotal Platform...
SQL Injection in Cloud Native Computing Foundation Harbor
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via project quotas in the VMware Harbor Container Registry for the Pivotal Platform...
GHSA-JR34-MFF8-PC6F SQL Injection in Cloud Native Computing Foundation Harbor
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform...
CVE-2019-19029
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform...
CVE-2019-19025
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows CSRF in the VMware Harbor Container Registry for the Pivotal Platform...
CVE-2019-19023
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has a Privilege Escalation Vulnerability in the VMware Harbor Container Registry for the Pivotal Platform...
Sql injection
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows SQL Injection via user-groups in the VMware Harbor Container Registry for the Pivotal Platform...
Cross site request forgery (csrf)
Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allows CSRF in the VMware Harbor Container Registry for the Pivotal Platform...
CVE-2019-19029
CVE-2019-19029 affects Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3, enabling SQL Injection via the user-groups feature in the VMware Harbor Container Registry for the Pivotal Platform. The issue is documented with CVSS 3.1/2.0 vectors (high impact on confidentiality, integri...
VMware Releases Security Update for Harbor Container Registry for PCF
VMware has released a security update to address a vulnerability affecting Harbor Container Registry for Pivotal Cloud Foundry PCF. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...
VMSA-2019-0016:VMware Cloud Foundation and VMware Harbor Container Registry for PCF address broken access control vulnerability
VMware Security Advisories Advisory ID| VMSA-2019-0016 ---|--- Advisory Severity| Critical CVSSv3 Range| 9.1 Synopsis| VMware Cloud Foundation and VMware Harbor Container Registry for PCF address broken access control vulnerability CVE-2019-16919 Issue Date| 2019-10-15 Updated On| 2019-12-11 CVEs...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in Cloud Foundation and Harbor Container Registry for Pivotal Cloud Foundry. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA...