206 matches found
VMware Cloud Director Availability Security Vulnerability
VMware Cloud Director Availability is a Disaster Recovery-as-a-Service DRaaS solution from VMware, Inc. A security vulnerability exists in VMware Cloud Director Availability that stems from the inclusion of HTML injection, which allows an attacker with network access to craft malicious HTML tags...
PT-2024-5011 · Vmware · Vmware Cloud Director Availability
Name of the Vulnerable Software and Affected Versions: VMware Cloud Director Availability affected versions not specified Description: The issue is related to an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags...
VMSA-2024-0016: VMware Cloud Director Availability addresses an HTML injection vulnerability (CVE-2024-22277)
Advisory ID: | VMSA-2024-0016 ---|--- Severity: | Moderate CVSSv3 Range: | 6.4 Issue date: | 2024-07-04 Updated on: | 2024-07-04 Initial Advisory CVEs | CVE-2024-22277 Synopsis: | VMware Cloud Director Availability addresses an HTML injection vulnerability CVE-2024-22277 1. Impacted Products...
CVE-2024-22272
VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization within VMware Cloud Director may be able to accidentally disable their organization leading to a Denial of Service for active sessions within their own...
CVE-2024-22272
VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization within VMware Cloud Director may be able to accidentally disable their organization leading to a Denial of Service for active sessions within their own...
PT-2024-5014 · Vmware · Vmware Cloud Director
Name of the Vulnerable Software and Affected Versions: VMware Cloud Director affected versions not specified Description: The issue is related to improper privilege management, which can lead to a Denial of Service for active sessions within an organization's scope. An authenticated tenant...
VMSA-2024-0014:VMware Cloud Director addresses an improper privilege management vulnerability (CVE-2024-22272)
Advisory ID: | VMSA-2024-0014 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 4.9 Synopsis: | VMware Cloud Director addresses an Improper Privilege Management vulnerability CVE-2024-22272 Issue Date: | 2024-06-27 Updated on: | 2024-06-27 CVEs: | CVE-2024-22272 1. Impacted Products VMware...
VMSA-2024-0015: VMware Cloud Director Object Storage Extension addresses an Insertion of Sensitive Information vulnerability (CVE-2024-22276)
Advisory ID: | VMSA-2024-0015 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 5.3 Synopsis: | VMware Cloud Director Object Storage Extension addresses an Insertion of Sensitive Information vulnerability CVE-2024-22276 Issue Date: | 2024-06-27 Updated On: | 2024-06-27 Initial Advisory CVEs |...
VMSA-2024-0007:VMware Cloud Director updates address a partial information disclosure vulnerability (CVE-2024-22256)
Advisory ID: | VMSA-2024-0007 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 4.3 Synopsis: | VMware Cloud Director updates address a partial information disclosure vulnerability CVE-2024-22256. Issue date: | 07 Mar 2024 Updated on: | 07 Mar 2024 Initial Advisory CVEs | CVE-2024-22256 1...
The vulnerability of the VMware Cloud Director platform, related to insufficient protection of operational data, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the VMware Cloud Director platform relates to insufficient protection for operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
VMware Cloud Director 10.5 - Bypass identity verification
Exploit Title: VMware Cloud Director | Bypass identity verification Google Dork: non Date: 12/06/2023 Exploit Author: Abdualhadi khalifa Version: 10.5 CVE : CVE-2023-34060 import requests import paramiko import subprocess import socket import argparse import threading Define a function to check i...
VMware Cloud Director 10.5 - Bypass identity verification Exploit
Exploit Title: VMware Cloud Director | Bypass identity verification Exploit Author: Abdualhadi khalifa Version: 10.5 CVE : CVE-2023-34060 import requests import paramiko import subprocess import socket import argparse import threading Define a function to check if a port is open def isportopenip,...
CVE-2024-22256
VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...
PT-2024-2188 · Vmware · Vmware Cloud Director
Name of the Vulnerable Software and Affected Versions: VMware Cloud Director affected versions not specified Description: The issue is related to a partial information disclosure, where a malicious actor can potentially gather information about organization names based on the behavior of the...
VMware Cloud Director Information Disclosure Vulnerability
VMware Cloud Director is a cloud service delivery platform from VMware. The platform supports virtual datacenter creation, multi-site management, datacenter scaling and cloud migration, and cloud-native application development. An information disclosure vulnerability exists in VMware Cloud...
The vulnerability of VMware ESXi, Workstation, Fusion, and Cloud Foundation software lies in the ability to write beyond the buffer boundaries, allowing attackers to increase their privileges.
The vulnerabilities of VMware ESXi, Workstation, Fusion, and Cloud Foundation software are related to writing beyond the buffer boundaries. Exploiting these vulnerabilities can allow attackers to gain increased privileges...
The vulnerability of VMware Cloud Foundation (previously Aria Automation) and the VMware Aria Automation automation software (previously vRealize Automation) lies in their lack of access control mechanisms. This allows a malicious individual to gain full access to these automation tools.
The vulnerability of the VMware Cloud Foundation virtualization platform previously Aria Automation and the VMware Aria Automation automation software previously vRealize Automation is related to lack of access control. Exploiting this vulnerability can allow a malicious actor to gain full access...
VMware Cloud Director - Bypass identity verification Exploit
CVE-2023-34060 vulnerability is a vulnerability that allows an attacker to bypass identity verification when entering port 22 ssh or port 5480 Device Management Console in VMware Cloud Director Appliance123. This vulnerability does not exist on port 443 VCD provider and tenant sign-in...
The vulnerability of the sssd component in the basic operating system of the Photon OS platform, which is used for managing cloud storage solutions like VMware Cloud Director, allows a hacker to gain increased privileges.
The vulnerability of the sssd component in the basic operating system of the Photon OS platform, which is used for managing cloud storage in VMware Cloud Director, relates to the possibility of bypassing authentication. Exploiting this vulnerability allows a malicious actor to gain increased...
VMware Cloud Director Authentication Bypass (VMSA-2023-0026)
VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass log...