EUVD-2016-8312

Malware in sbrugna...

Vulnerabilities include the browser of the event log, settings of distributed switches, and the content library of the management server for virtual infrastructure VMware vCenter Server, which allows attackers to access confidential information.

The vulnerability of the event log browser, distributed switch configuration settings, and the content library of the VMware vCenter Server management server is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability can allow a malicious actor to...

CVE-2016-7459

VMware vCenter Server 5.5 before U3e and 6.0 before U2a allows remote authenticated users to read arbitrary files via a 1 Log Browser, 2 Distributed Switch setup, or 3 Content Library XML document containing an external entity declaration in conjunction with an entity reference, related to an XML...

VMware vCenter Server 5.5.x < 5.5u3e / 6.0.x < 6.0u2a Multiple XXE Vulnerabilities (VMSA-2016-0022)

The version of VMware vCenter Server installed on the remote host is 5.5.x prior to 5.5u3e or 6.0.x prior to 6.0u2a. It is, therefore, affected by multiple XML external entity XXE vulnerabilities : - Multiple XML external entity XXE vulnerabilities exist in the Log Browser, the Distributed Switch...

VMware vCenter Server XML External Entity (XXE) Vulnerability (VMSA-2016-0022)

VMware vCenter Server contains an XML external entity XXE vulnerability in the Log Browser, the Distributed Switch setup, and the Content Library. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...