Cloud Foundation@3.9.1 Security Vulnerabilities and Issues — Cloud Foundation@3.9.1 CVE List

Lucene search

VmwareCloud Foundation3.9.1

5 matches found

CVE•added 2021/03/31 6:15 p.m.•1162 views

CVE-2021-21975

Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.

7.5CVSS7.4AI score0.94416EPSS

In wild

CVE•added 2021/03/31 6:15 p.m.•348 views

CVE-2021-21983

Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system.

8.5CVSS6.8AI score0.83177EPSS

In wild

CVE•added 2022/05/20 9:15 p.m.•277 views

CVE-2022-22972

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.

9.8CVSS9.1AI score0.93742EPSS

In wild

CVE•added 2022/12/13 4:15 p.m.•141 views

CVE-2022-31699

VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.

3.3CVSS5.3AI score0.00327EPSS

CVE•added 2022/12/13 4:15 p.m.•134 views

CVE-2022-31698

The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header.

5.3CVSS5.8AI score0.05013EPSS