Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
VmwareCloud Foundation3.0

3 matches found

CVE
CVEadded 2021/03/31 6:15 p.m.1130 views

CVE-2021-21975

Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.

7.5CVSS7.4AI score0.94188EPSS
CVE
CVEadded 2021/03/31 6:15 p.m.314 views

CVE-2021-21983

Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system.

8.5CVSS6.8AI score0.83177EPSS
CVE
CVEadded 2021/11/24 5:15 p.m.170 views

CVE-2021-21980

The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.

7.5CVSS8.6AI score0.19316EPSS