7 matches found
VMware vCenter Update Manager Multiple Java Vulnerabilities (VMSA-2014-0012)
The version of VMware vCenter Update Manager installed on the remote Windows host is 5.1 prior to Update 3. It is, therefore, affected by multiple vulnerabilities related to the bundled version of Oracle JRE prior to 1.6.081. C Tenable Network Security, Inc. include"compat.inc"; if description...
VMware vCenter Update Manager Multiple Vulnerabilities (VMSA-2012-0013)
The version of VMware vCenter Update Manager installed on the remote Windows host is 4.0 earlier than Update 4a, or 4.1 earlier than Update 3. Such versions use a version of the Oracle JRE 1.5 that is affected by multiple vulnerabilities. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
VMware vCenter Update Manager Directory Traversal (VMSA-2011-0014)
The version of Jetty web server included with VMware vCenter Update Manager on the remote host has a directory traversal vulnerability. This is a variant of the issue previously addressed by VMware advisory VMSA-2010-0012. The web server runs as SYSTEM by default. A remote, unauthenticated attack...
VMware vCenter Update Manager Detection
VMware vCenter Update Manager also known as vSphere Update Manager was detected on the remote host. This application is used to manage patches on vSphere hosts. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid56957; scriptversion"1.5"; scriptcvsdate"Date: 2019/11/22";...
CVE-2011-4404
The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to...
Directory traversal
The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to...
CVE-2011-4404
The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to...