66 matches found
EUVD-2012-2964
Malware in sbrugna...
CVE-2021-21985
The vSphere Client HTML5 contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with...
CVE-2012-3283
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1511...
CVE-2013-2343
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1510...
CVE-2012-3285
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1513...
CVE-2012-3282
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1468...
CVE-2012-3284
Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1512...
VMware vCenter Server Improper Input Validation Vulnerability
VMware vSphere Client contains an improper input validation vulnerability in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server, which allows for remote code execution...
VMware vCenter Server Virtual SAN Health Check Remote Code Execution Exploit
This Metasploit module exploits Java unsafe reflection and SSRF in the VMware vCenter Server Virtual SAN Health Check plugin's ProxygenController class to execute code as the vsphere-ui user. See the vendor advisory for affected and patched versions. Tested against VMware vCenter Server 6.7 Updat...
VMware vCenter Server Virtual SAN Health Check Plugin RCE
This module exploits Java unsafe reflection and SSRF in the VMware vCenter Server Virtual SAN Health Check plugin's ProxygenController class to execute code as the vsphere-ui user. See the vendor advisory for affected and patched versions. Tested against VMware vCenter Server 6.7 Update 3m Linux...
VMware vCenter Server Virtual SAN Health Check Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware vCenter Server Virtual SAN Health Check Plugin RCE', 'Description' = %q This module exploits Java unsafe reflection and SSRF in the VMware...
CVE-2021-21985
The vSphere Client HTML5 contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with...
CVE-2021-21986
The vSphere Client HTML5 contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Server may perform...
Remote code execution
The vSphere Client HTML5 contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with...
CVE-2021-21985
The vSphere Client HTML5 contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with...
CVE-2021-21985
CVE-2021-21985 affects VMware vCenter Server via the vSphere Client (HTML5) and the default-enabled Virtual SAN Health Check plug‑in. Root cause: improper input validation leads to remote code execution when an attacker with network access to port 443 sends crafted input, enabling commands with u...
CVE-2021-21985
The vSphere Client HTML5 contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with...
CVE-2021-21985
The vSphere Client HTML5 contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with...
VMware vCenter Server远程代码执行漏洞(CVE-2021-21985)
Rapid7 May 26, 2021 5:34pm UTC 1 day ago• Last updated May 27, 2021 6:39pm UTC 7 hours ago Technical Analysis Threat status: Impending threat Attacker utility: Network infrastructure compromise Description On Tuesday, May 25, 2021, VMware published security advisory VMSA-2021-0010, which includes...
VMSA-2021-0010:VMware vCenter Server updates address remote code execution and authentication vulnerabilities
Advisory ID: VMSA-2021-0010 CVSSv3 Range: 6.5-9.8 Issue Date:2021-05-25 Updated On: 2021-05-25 Initial Advisory CVEs: CVE-2021-21985, CVE-2021-21986 Synopsis: VMware vCenter Server updates address remote code execution and authentication vulnerabilities CVE-2021-21985, CVE-2021-21986 RSS Feed...