Lucene search
K

747 matches found

UbuntuCve
UbuntuCve
added 2023/10/26 12:0 a.m.37 views

CVE-2023-34058

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...

7.5CVSS6.6AI score0.00667EPSS
Exploits0References4
Veeam
Veeam
added 2023/10/26 12:0 a.m.21 views

VMXNET3 Drivers Missing From Recovery Media for Server 2022 vSphere VM

Challenge When attempting to perform a Bare Metal Restore on a vSphere VM using Veeam Recovery Media, which was created from a vSphere VM running Server 2022, the network adapter drivers fail to load. This issue persists despite having the 'Include hardware drivers from this computer' option...

6.8AI score
Exploits0Affected Software1
Veeam
Veeam
added 2023/10/23 12:0 a.m.22 views

SureBackup Job Failure: "The resource 'VeeamBackup_' is in use."

Challenge A SureBackup job in a vSphere environment fails with the error: The resource 'VeeamBackup' is in use. The error as found in the SureBackup Job log%programdata%\Veeam\Backup\SureBackup\Job.SureBackup.log: Error Failed to connect backup datastore to the ESXi host "esx01.domain.tld"...

6.7AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/19 12:0 a.m.5 views

The vulnerability of the user interface of the integration plugin between SnapCenter and the VMware SnapCenter Plugin for VMware vSphere (SCV) allows a hacker to alter the email settings.

The vulnerability of the user interface of the integration plugin between SnapCenter and the VMware SnapCenter Plugin for VMware vSphere SCV is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to alter email settings remotely...

5.5CVSS5.5AI score0.00301EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2023/10/12 7:15 p.m.19 views

CVE-2023-27312

SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface...

5.4CVSS5.3AI score0.00301EPSS
Exploits0References1
OSV
OSV
added 2023/10/12 7:15 p.m.5 views

CVE-2023-27312

SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface...

4.3CVSS5.8AI score0.00301EPSS
Exploits0References1
Prion
Prion
added 2023/10/12 7:15 p.m.16 views

Code injection

SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface...

4CVSS4.5AI score0.00301EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/10/12 6:19 p.m.66 views

CVE-2023-27312

NetApp SnapCenter Plugin for VMware vSphere is vulnerable in versions 4.6 through 4.8 (and 4.6–4.9 context) due to insufficient access control, allowing authenticated unprivileged users to modify email and snapshot name settings in the vSphere UI. Affected component: SnapCenter Plugin for VMware ...

5.4CVSS4.7AI score0.00301EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/12 6:19 p.m.20 views

CVE-2023-27312 Privilege Escalation Vulnerability in SnapCenter Plugin for VMware vSphere

SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface...

5.4CVSS5.6AI score0.00301EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/12 6:19 p.m.12 views

CVE-2023-27312 Privilege Escalation Vulnerability in SnapCenter Plugin for VMware vSphere

SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface...

5.4CVSS6.7AI score0.00301EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/10/12 12:0 a.m.7 views

NetApp SnapCenter Security Vulnerability

NetApp SnapCenter is a suite of applications from Network Appliance NetApp that provides the ability to back up, verify, clone, and restore NetApp storage systems. A security vulnerability exists in SnapCenter versions 3.x and 4.x VMware vSphere versions prior to 4.9, which stems from a...

8.8CVSS6.9AI score0.00491EPSS
Exploits0References2
Prion
Prion
added 2023/10/03 12:15 a.m.20 views

Privilege escalation

A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege escalation...

6.5CVSS8.7AI score0.00459EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/02 11:15 p.m.12 views

CVE-2023-36628 Privilege Escalation in VASA

A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege escalation...

8.8CVSS7AI score0.00459EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/02 11:15 p.m.30 views

CVE-2023-36628 Privilege Escalation in VASA

A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege escalation...

8.8CVSS8.9AI score0.00459EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/09/11 12:0 a.m.35 views

Debian DSA-5493-1 : open-vm-tools - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5493 advisory. - A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the...

7.5CVSS6.9AI score0.13638EPSS
Exploits0References9
NVD
NVD
added 2023/08/31 10:15 a.m.14 views

CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a...

7.5CVSS7.1AI score0.01193EPSS
Exploits0References9
OSV
OSV
added 2023/08/31 10:15 a.m.42 views

CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a...

7.5CVSS6.9AI score
Exploits0References9
Cvelist
Cvelist
added 2023/08/31 9:45 a.m.28 views

CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a...

7.1CVSS7.7AI score0.01193EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2023/08/31 9:45 a.m.30 views

CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a...

7.5CVSS7.2AI score0.01193EPSS
Exploits0
CVE
CVE
added 2023/08/31 9:45 a.m.538 views

CVE-2023-20900

CVE-2023-20900 is a vulnerability in Open VMware Tools (open-vm-tools) where a malicious actor with Guest Operation Privileges may elevate to a higher privilege via a more-privileged Guest Alias in the VM. The connected documents confirm Open VM Tools is affected and describe a SAML token signatu...

7.5CVSS7.4AI score0.01193EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder