44 matches found
EUVD-2012-6180
Malware in sbrugna...
CVE-2012-6325
VMware vCenter Server Appliance vCSA 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors...
CVE-2013-3079
VMware vCenter Server Appliance vCSA 5.1 before Update 1 allows remote authenticated users to execute arbitrary programs with root privileges by leveraging Virtual Appliance Management Interface VAMI access...
CVE-2024-37081
The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance...
CVE-2024-37081
The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance...
CVE-2021-22015
The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance...
PT-2021-4311 · Vmware · Vcenter Server Appliance +1
Name of the Vulnerable Software and Affected Versions: vCenter Server Appliance affected versions not specified Description: The vCenter Server contains multiple local privilege escalation issues due to improper permissions of files and directories. An authenticated local user with...
VMware vCenter Server Appliance Update Manager Directory Traversal Arbitrary File Deletion Vulnerability
This vulnerability allows remote attackers to delete arbitrary files on affected installations of VMware vCenter Server Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Update Manager. The issue results from the lack of proper validation...
VMware vCenter Server 6.7 - Authentication Bypass
Exploit Title: VMware vCenter Server 6.7 - Authentication Bypass Date: 2020-06-01 Exploit Author: Photubias Vendor Advisory: 1 https://www.vmware.com/security/advisories/VMSA-2020-0006.html Version: vCenter Server 6.7 before update 3f Tested on: vCenter Server Appliance 6.7 RTM updated from v6.0...
The vulnerability of the implementation of backup and recovery operations for software that manages virtual infrastructure like VMware vCenter Server allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the implementation of backup and recovery operations for software that manages virtual infrastructure like VMware vCenter Server Appliance is related to deficiencies in verifying the authenticity of certificates. Exploiting this vulnerability can allow an attacker, operating...
CVE-2019-5538
Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance 6.7 before 6.7u3a and 6.5 before 6.5u3d may allow a malicious actor to intercept sensitive data in transit over SCP...
CVE-2019-5538
Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance 6.7 before 6.7u3a and 6.5 before 6.5u3d may allow a malicious actor to intercept sensitive data in transit over SCP...
CVE-2019-5537
Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance 6.7 before 6.7u3a and 6.5 before 6.5u3d may allow a malicious actor to intercept sensitive data in transit over FTP...
CVE-2019-5537
Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance 6.7 before 6.7u3a and 6.5 before 6.5u3d may allow a malicious actor to intercept sensitive data in transit over FTP...
Information disclosure
Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance 6.7 before 6.7u3a and 6.5 before 6.5u3d may allow a malicious actor to intercept sensitive data in transit over FTP...
CVE-2019-5538
Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance 6.7 before 6.7u3a and 6.5 before 6.5u3d may allow a malicious actor to intercept sensitive data in transit over SCP...
CVE-2019-5537
Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance 6.7 before 6.7u3a and 6.5 before 6.5u3d may allow a malicious actor to intercept sensitive data in transit over FTP...
VMware vCenter Server Appliance Information Disclosure Vulnerability (CNVD-2019-39366)
VMware vCenter Server is a suite of server and virtualization management software from VMware. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. An information disclosure vulnerability exis...
VMSA-2019-0018:VMware vCenter Server Appliance updates address sensitive information disclosure vulnerability in backup and restore functions
VMware Security Advisories Advisory ID| VMSA-2019-0018 ---|--- Advisory Severity| Moderate CVSSv3 Range| 6.8 Synopsis| VMware vCenter Server Appliance updates address sensitive information disclosure vulnerability in backup and restore functions CVE-2019-5537, CVE-2019-5538 Issue Date| 2019-10-24...
VMware vCenter Server Appliance 6.0 / 6.5 / 6.7 Information Disclosure vulnerability (VMSA-2018-0021)
The version of VMware vCenter Server Appliance installed on the remote host is 6.0, 6.5 or 6.7 and is, therefore, potentially affected by an information disclosure vulnerability. CVE-2018-3620 C Tenable Network Security, Inc. include'compat.inc'; if description scriptid112207; scriptversion"1.7";...