Cloud Foundation@3.5 Security Vulnerabilities and Issues — Cloud Foundation@3.5 CVE List

Lucene search

VmwareCloud Foundation3.5

5 matches found

CVE•added 2021/03/31 6:15 p.m.•1129 views

CVE-2021-21975

Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.

7.5CVSS7.4AI score0.94188EPSS

CVE•added 2021/03/31 6:15 p.m.•313 views

CVE-2021-21983

Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system.

8.5CVSS6.8AI score0.83177EPSS

CVE•added 2022/05/20 9:15 p.m.•243 views

CVE-2022-22972

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.

9.8CVSS9.1AI score0.93742EPSS

CVE•added 2022/12/13 4:15 p.m.•140 views

CVE-2022-31699

VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.

3.3CVSS5.3AI score0.00294EPSS

CVE•added 2022/12/13 4:15 p.m.•133 views

CVE-2022-31698

The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header.

5.3CVSS5.8AI score0.04595EPSS