Lucene search
K

206 matches found

Cvelist
Cvelist
added 2022/04/14 8:5 p.m.47 views

CVE-2022-22966

An authenticated, high privileged malicious actor with network access to the VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server...

7.5AI score0.0639EPSS
Exploits0References1
CVE
CVE
added 2022/04/14 8:5 p.m.144 views

CVE-2022-22966

CVE-2022-22966 is a remote code execution vulnerability in VMware Cloud Director. An authenticated, high-privileged attacker with network access to the Cloud Director tenant/provider could exploit this to gain control of the server. Affected versions include 10.1.x, 10.2.x, and 10.3.x; fixes are ...

7.2CVSS7.4AI score0.0639EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/04/14 12:0 a.m.28 views

VMware Cloud Director 输入验证错误漏洞

VMware Cloud Director is a cloud service delivery platform from VMware. The platform supports virtual datacenter creation, multi-site management, datacenter scaling and cloud migration, and cloud-native application development. A security vulnerability exists in VMware Cloud Director that...

7.2CVSS8.1AI score0.0639EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/02/17 12:0 a.m.6 views

The vulnerability of the SDDC controller in the VMware Cloud Foundation virtualization platform allows a intruder to gain unauthorized access to protected information.

The vulnerability of the SDDC controller of the VMware Cloud Foundation virtualization platform is related to insufficient protection of registration data. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

6.8CVSS5.5AI score0.00778EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/02/15 12:0 a.m.7 views

VMWare Cloud Foundation (ESXi) 访问控制错误漏洞

Vmware VMware Cloud Foundation is an all-in-one hybrid cloud platform from Vmware. The platform includes features such as operations automation, infrastructure auto-configuration, and integrated lifecycle management. An access control error vulnerability exists in VMWare Cloud Foundation ESXi tha...

7.8CVSS7.5AI score0.00296EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/02/15 12:0 a.m.5 views

Vmware Cloud Foundation 输入验证错误漏洞

Vmware VMware Cloud Foundation is an all-in-one hybrid cloud platform from Vmware. The platform includes features such as operations automation, infrastructure auto-configuration, and integrated lifecycle management. An input validation error vulnerability exists in Vmware Cloud Foundation, which...

7.5CVSS7.6AI score0.01052EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/02/15 12:0 a.m.5 views

Vmware Cloud Foundation 资源管理错误漏洞

Vmware VMware Cloud Foundation is an all-in-one hybrid cloud platform from Vmware. The platform includes features such as operations automation, infrastructure auto-configuration, and integrated lifecycle management. A resource management error vulnerability exists in Vmware Cloud Foundation, whi...

7.5CVSS7.6AI score0.02316EPSS
Exploits0References4
Prion
Prion
added 2022/02/04 11:15 p.m.21 views

Information disclosure

VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able to view credentials in plaintext within one or...

4CVSS4.8AI score0.00778EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/02/04 10:29 p.m.35 views

CVE-2022-22939

VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able to view credentials in plaintext within one or...

5.3AI score0.00778EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.7 views

Vmware VMware Cloud Foundation 日志信息泄露漏洞

Vmware VMware Cloud Foundation is an all-in-one hybrid cloud platform from Vmware. The platform includes features such as operations automation, infrastructure auto-configuration, and integrated lifecycle management. A security vulnerability exists in VMware Cloud Foundation that originates from...

4.9CVSS5.3AI score0.00778EPSS
Exploits0References3
VMware
VMware
added 2022/01/29 12:0 a.m.26 views

VMSA-2022-0003:VMware Cloud Foundation contains an information disclosure vulnerability due to the logging of plaintext credentials within some log files

Advisory ID: VMSA-2022-0003.1 CVSSv3 Range: 6.0 Issue Date:2022-01-31 Updated On: 2022-02-14 CVEs: CVE-2022-22939 Synopsis: VMware Cloud Foundation contains an information disclosure vulnerability due to the logging of plaintext credentials within some log files. RSS Feed Download PDF Download Te...

4.9CVSS5.1AI score0.00778EPSS
Exploits0References15Affected Software1
VMware
VMware
added 2021/12/10 12:0 a.m.152 views

VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)

1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...

9.3CVSS0.4AI score0.99999EPSS
Exploits357References4Affected Software54
Gitee
Gitee
added 2021/12/09 8:36 p.m.7 views

Exploit for Path Traversal in Vmware Cloud_Foundation

CVE-2021-21972 CVE-2021-21972 Works On - VMware-VCSA-all-6.7.0-8217866、VMware-VIM-all-6.7.0-8217866 ✔ - VMware-VCSA-all-6.5.0-16613358 ✔ For vCenter6.7 U2+ vCenter 6.7U2+ running website in memory,so this exp can't work for 6.7 u2+. Need test - vCenter 6.5 LinuxVCSA/Window Waiting For Test -...

10CVSS10AI score0.9957EPSS
Exploits47
BDU FSTEC
BDU FSTEC
added 2021/12/07 12:0 a.m.8 views

The vulnerability of the vSphere Web Client (FLEX/Flash) component, which manages virtual infrastructure, affects both Vmware vCenter Server and VMware Cloud Foundation. This vulnerability allows an attacker to gain unauthorized access to protected information.

The vulnerability of the vSphere Web Client FLEX/Flash component related to Vmware vCenter Server and VMware Cloud Foundation management tools is due to insufficient validation of incoming requests. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

6.5CVSS7.7AI score0.01673EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/12/01 12:0 a.m.4 views

The vulnerability of the IWA (Integrated Windows Authentication) mechanism in software for managing virtual infrastructure such as VMware vCenter Server and VMware Cloud Foundation allows a perpetrator to escalate their privileges.

The vulnerability of the IWA Integrated Windows Authentication implementation in VMware vCenter Server and VMware Cloud Foundation software relates to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.1CVSS7.6AI score0.09976EPSS
Exploits0References4Affected Software2
GithubExploit
GithubExploit
added 2021/10/27 8:36 a.m.271 views

Exploit for Path Traversal in Vmware Cloud_Foundation

CVE-2021-22005 VMware vCenter Server arbitrary file upload...

9.8CVSS7.4AI score0.99999EPSS
Exploits11
GithubExploit
GithubExploit
added 2021/10/24 11:14 p.m.205 views

Exploit for Path Traversal in Vmware Cloud_Foundation

CVE-2021-22005-metasploit the metasploit scriptPOC/EXP about...

9.8CVSS9AI score0.99999EPSS
Exploits11
VMware
VMware
added 2021/10/17 12:0 a.m.41 views

VMSA-2021-0024:VMware vRealize Operations Tenant App update addresses Information Disclosure Vulnerability

Advisory ID: VMSA-2021-0024 CVSSv3 Range: 5.3 Issue Date:2021-10-19 Updated On: 2021-10-19 CVEs: CVE-2021-22034 Synopsis: VMware vRealize Operations Tenant App update addresses Information Disclosure Vulnerability CVE-2021-22034 RSS Feed Download PDF Download Text File Share this page on social...

7.5CVSS7.2AI score0.00971EPSS
Exploits0References12Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/10/08 12:0 a.m.6 views

The vulnerability of the rhttpproxy service, a management tool for virtual infrastructure, such as VMware vCenter Server and VMware Cloud Foundation, allows attackers to circumvent existing security restrictions.

The vulnerability of the rhttpproxy service in the vmware vcenterserver software is related to errors in the authentication process. Exploiting this vulnerability allows an attacker to bypass existing security restrictions remotely...

5.3CVSS7.1AI score0.47642EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/10/08 12:0 a.m.7 views

The vulnerability of the VAMI management interface related to VMware vCenter Server and VMware Cloud Foundation, a virtualization platform, arises from improper code generation. This allows an attacker to execute arbitrary code.

The vulnerability of the VAMI management interface for VMware vCenter Server and VMware Cloud Foundation virtualization platforms is related to improper code generation. Exploiting this vulnerability allows an attacker to execute arbitrary code on the operating system...

9CVSS8AI score0.01473EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder