Lucene search
K

206 matches found

CNNVD
CNNVD
added 2024/07/04 12:0 a.m.7 views

VMware Cloud Director Availability Security Vulnerability

VMware Cloud Director Availability is a Disaster Recovery-as-a-Service DRaaS solution from VMware, Inc. A security vulnerability exists in VMware Cloud Director Availability that stems from the inclusion of HTML injection, which allows an attacker with network access to craft malicious HTML tags...

6.4CVSS6.8AI score0.00325EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/04 12:0 a.m.5 views

PT-2024-5011 · Vmware · Vmware Cloud Director Availability

Name of the Vulnerable Software and Affected Versions: VMware Cloud Director Availability affected versions not specified Description: The issue is related to an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags...

6.4CVSS6.3AI score0.00325EPSS
Exploits0References10
VMware
VMware
added 2024/07/04 12:0 a.m.10 views

VMSA-2024-0016: VMware Cloud Director Availability addresses an HTML injection vulnerability (CVE-2024-22277)

Advisory ID: | VMSA-2024-0016 ---|--- Severity: | Moderate CVSSv3 Range: | 6.4 Issue date: | 2024-07-04 Updated on: | 2024-07-04 Initial Advisory CVEs | CVE-2024-22277 Synopsis: | VMware Cloud Director Availability addresses an HTML injection vulnerability CVE-2024-22277 1. Impacted Products...

6.4CVSS7.4AI score0.00325EPSS
Exploits0References11Affected Software1
NVD
NVD
added 2024/06/27 9:15 p.m.47 views

CVE-2024-22272

VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization within VMware Cloud Director may be able to accidentally disable their organization leading to a Denial of Service for active sessions within their own...

4.9CVSS0.00369EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/06/27 8:22 p.m.19 views

CVE-2024-22272

VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization within VMware Cloud Director may be able to accidentally disable their organization leading to a Denial of Service for active sessions within their own...

4.9CVSS6.7AI score0.00369EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/27 12:0 a.m.5 views

PT-2024-5014 · Vmware · Vmware Cloud Director

Name of the Vulnerable Software and Affected Versions: VMware Cloud Director affected versions not specified Description: The issue is related to improper privilege management, which can lead to a Denial of Service for active sessions within an organization's scope. An authenticated tenant...

6.1CVSS6.7AI score0.00369EPSS
Exploits0References5
VMware
VMware
added 2024/06/27 12:0 a.m.17 views

VMSA-2024-0014:VMware Cloud Director addresses an improper privilege management vulnerability (CVE-2024-22272)

Advisory ID: | VMSA-2024-0014 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 4.9 Synopsis: | VMware Cloud Director addresses an Improper Privilege Management vulnerability CVE-2024-22272 Issue Date: | 2024-06-27 Updated on: | 2024-06-27 CVEs: | CVE-2024-22272 1. Impacted Products VMware...

4.9CVSS6.8AI score0.00369EPSS
Exploits0References11Affected Software1
VMware
VMware
added 2024/06/27 12:0 a.m.20 views

VMSA-2024-0015: VMware Cloud Director Object Storage Extension addresses an Insertion of Sensitive Information vulnerability (CVE-2024-22276)

Advisory ID: | VMSA-2024-0015 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 5.3 Synopsis: | VMware Cloud Director Object Storage Extension addresses an Insertion of Sensitive Information vulnerability CVE-2024-22276 Issue Date: | 2024-06-27 Updated On: | 2024-06-27 Initial Advisory CVEs |...

5.3CVSS6.3AI score0.00369EPSS
Exploits0References13Affected Software1
VMware
VMware
added 2024/05/08 12:0 a.m.61 views

VMSA-2024-0007:VMware Cloud Director updates address a partial information disclosure vulnerability (CVE-2024-22256)

Advisory ID: | VMSA-2024-0007 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 4.3 Synopsis: | VMware Cloud Director updates address a partial information disclosure vulnerability CVE-2024-22256. Issue date: | 07 Mar 2024 Updated on: | 07 Mar 2024 Initial Advisory CVEs | CVE-2024-22256 1...

4.3CVSS4.5AI score0.00418EPSS
Exploits0References11Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/03/18 12:0 a.m.5 views

The vulnerability of the VMware Cloud Director platform, related to insufficient protection of operational data, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the VMware Cloud Director platform relates to insufficient protection for operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

7.8CVSS5.5AI score0.00418EPSS
Exploits0References4Affected Software1
Exploit DB
Exploit DB
added 2024/03/12 12:0 a.m.470 views

VMware Cloud Director 10.5 - Bypass identity verification

Exploit Title: VMware Cloud Director | Bypass identity verification Google Dork: non Date: 12/06/2023 Exploit Author: Abdualhadi khalifa Version: 10.5 CVE : CVE-2023-34060 import requests import paramiko import subprocess import socket import argparse import threading Define a function to check i...

9.8CVSS10AI score0.01345EPSS
Exploits4
0day.today
0day.today
added 2024/03/12 12:0 a.m.313 views

VMware Cloud Director 10.5 - Bypass identity verification Exploit

Exploit Title: VMware Cloud Director | Bypass identity verification Exploit Author: Abdualhadi khalifa Version: 10.5 CVE : CVE-2023-34060 import requests import paramiko import subprocess import socket import argparse import threading Define a function to check if a port is open def isportopenip,...

9.8CVSS8AI score0.01345EPSS
Exploits4
Vulnrichment
Vulnrichment
added 2024/03/07 10:8 a.m.11 views

CVE-2024-22256

VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...

4.3CVSS6.6AI score0.00418EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/07 12:0 a.m.10 views

PT-2024-2188 · Vmware · Vmware Cloud Director

Name of the Vulnerable Software and Affected Versions: VMware Cloud Director affected versions not specified Description: The issue is related to a partial information disclosure, where a malicious actor can potentially gather information about organization names based on the behavior of the...

7.8CVSS6.9AI score0.00418EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/03/07 12:0 a.m.5 views

VMware Cloud Director Information Disclosure Vulnerability

VMware Cloud Director is a cloud service delivery platform from VMware. The platform supports virtual datacenter creation, multi-site management, datacenter scaling and cloud migration, and cloud-native application development. An information disclosure vulnerability exists in VMware Cloud...

4.3CVSS6.2AI score0.00418EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/03/06 12:0 a.m.22 views

The vulnerability of VMware ESXi, Workstation, Fusion, and Cloud Foundation software lies in the ability to write beyond the buffer boundaries, allowing attackers to increase their privileges.

The vulnerabilities of VMware ESXi, Workstation, Fusion, and Cloud Foundation software are related to writing beyond the buffer boundaries. Exploiting these vulnerabilities can allow attackers to gain increased privileges...

7.9CVSS8.1AI score0.00501EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/01/17 12:0 a.m.8 views

The vulnerability of VMware Cloud Foundation (previously Aria Automation) and the VMware Aria Automation automation software (previously vRealize Automation) lies in their lack of access control mechanisms. This allows a malicious individual to gain full access to these automation tools.

The vulnerability of the VMware Cloud Foundation virtualization platform previously Aria Automation and the VMware Aria Automation automation software previously vRealize Automation is related to lack of access control. Exploiting this vulnerability can allow a malicious actor to gain full access...

9.9CVSS8AI score0.00949EPSS
Exploits0References5
0day.today
0day.today
added 2023/12/08 12:0 a.m.524 views

VMware Cloud Director - Bypass identity verification Exploit

CVE-2023-34060 vulnerability is a vulnerability that allows an attacker to bypass identity verification when entering port 22 ssh or port 5480 Device Management Console in VMware Cloud Director Appliance123. This vulnerability does not exist on port 443 VCD provider and tenant sign-in...

9.8CVSS7.2AI score0.01345EPSS
Exploits4
BDU FSTEC
BDU FSTEC
added 2023/11/20 12:0 a.m.6 views

The vulnerability of the sssd component in the basic operating system of the Photon OS platform, which is used for managing cloud storage solutions like VMware Cloud Director, allows a hacker to gain increased privileges.

The vulnerability of the sssd component in the basic operating system of the Photon OS platform, which is used for managing cloud storage in VMware Cloud Director, relates to the possibility of bypassing authentication. Exploiting this vulnerability allows a malicious actor to gain increased...

10CVSS8AI score0.01345EPSS
Exploits4References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/11/17 12:0 a.m.54 views

VMware Cloud Director Authentication Bypass (VMSA-2023-0026)

VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass log...

9.8CVSS8.5AI score0.01345EPSS
Exploits4References3
Rows per page
Query Builder