747 matches found
Security Bulletin: Multiple vulnerabilities in VMware affect IBM Cloud Pak System
Summary Multiple vulnerabilities have been identified in VMware, a supporting product shipped with IBM Cloud Pak System. Vulnerabilities in VMware vSphere Client HTML5 for VMware vCenter plugins in vRealize Operations Environment, not used in Cloud Pak Systems, but for VMware vulnerabile vCenter...
Exploit for Path Traversal in Vmware Cloud_Foundation
CVE-2021-21972 CVE-2021-21972 VMware vSphere Client Unauthor...
Exploit for Path Traversal in Vmware Cloud_Foundation
CVE-2021-21972 CVE-2021-21972 VMware vSphere Client Unauthor...
Exploit for Path Traversal in Vmware Cloud_Foundation
CVE-2021-21972 CVE-2021-21972 VMware vSphere Client Unauthor...
Exploit for Path Traversal in Vmware Cloud_Foundation
CVE-2021-21972 CVE-2021-21972 VMware vSphere Client Unauthor...
Vmware VMware vCenter Server Elevation of Privilege Vulnerability
Vmware VMware vCenter Server is a suite of server and virtualization management software from Vmware, Inc. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructure. vmware vCenter Server is vulnerab...
VMware vCenter Server Information Disclosure Vulnerability (CNVD-2021-74279)
Vmware VMware vCenter Server is a suite of server and virtualization management software from Vmware. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. An information disclosure vulnerabili...
VMware vCenter Server Information Disclosure Vulnerability (CNVD-2021-74283)
Vmware VMware vCenter Server is a suite of server and virtualization management software from Vmware, Inc. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructure. vmware vCenter Server is vulnerab...
VMware vCenter Server Server-Side Request Forgery Vulnerability
Vmware VMware vCenter Server is a suite of server and virtualization management software from Vmware, Inc. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. vCenter Server is vulnerable to...
CVE-2021-22018
The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. A malicious actor with network access to port 9087 on vCenter Server may exploit this issue to delete non critical files...
Arbitrary file deletion
The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. A malicious actor with network access to port 9087 on vCenter Server may exploit this issue to delete non critical files...
CVE-2021-22018
CVE-2021-22018 affects VMware vCenter Server via an arbitrary file deletion vulnerability in the vSphere Life-cycle Manager plug-in. A remote attacker can delete non-critical files by targeting port 9087. This is documented in multiple sources (e.g., RH-CVE-2021-22018 and VMware advisory VMSA-202...
CVE-2021-22018
The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. A malicious actor with network access to port 9087 on vCenter Server may exploit this issue to delete non critical files...
CVE-2021-21992
The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. A malicious actor with non-administrative user access to the vCenter Server vSphere Client HTML5 or vCenter Server vSphere Web Client FLEX/Flash may exploit this issue to create a denial-of-service...
CVE-2021-21991
The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client HTML5 or vCenter Serve...
CVE-2021-21992
The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. A malicious actor with non-administrative user access to the vCenter Server vSphere Client HTML5 or vCenter Server vSphere Web Client FLEX/Flash may exploit this issue to create a denial-of-service...
CVE-2021-21991
The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client HTML5 or vCenter Serve...
Denial of service
The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. A malicious actor with non-administrative user access to the vCenter Server vSphere Client HTML5 or vCenter Server vSphere Web Client FLEX/Flash may exploit this issue to create a denial-of-service...
Privilege escalation
The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client HTML5 or vCenter Serve...
CVE-2021-21992
The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. A malicious actor with non-administrative user access to the vCenter Server vSphere Client HTML5 or vCenter Server vSphere Web Client FLEX/Flash may exploit this issue to create a denial-of-service...