Cloud Foundation@4.5 Security Vulnerabilities and Issues — Cloud Foundation@4.5 CVE List

Lucene search

VmwareCloud Foundation4.5

11 matches found

CVE•added 2022/12/13 4:15 p.m.•169 views

CVE-2022-31696

VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox.

8.8CVSS8.5AI score0.00402EPSS

CVE•added 2023/04/20 9:15 p.m.•132 views

CVE-2023-20864

VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.

9.8CVSS9.7AI score0.92747EPSS

CVE•added 2023/04/20 9:15 p.m.•94 views

CVE-2023-20865

VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root.

7.2CVSS8.9AI score0.00495EPSS

CVE•added 2023/05/12 9:15 p.m.•79 views

CVE-2023-20877

VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.

8.8CVSS8.9AI score0.00392EPSS

CVE•added 2025/06/04 8:15 p.m.•69 views

CVE-2025-22243

VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper input validation.

7.5CVSS5.7AI score0.00039EPSS

CVE•added 2023/05/12 9:15 p.m.•57 views

CVE-2023-20880

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.

6.7CVSS7.3AI score0.00041EPSS

CVE•added 2023/05/12 9:15 p.m.•56 views

CVE-2023-20879

VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system.

6.7CVSS7.3AI score0.00045EPSS

CVE•added 2025/06/04 8:15 p.m.•56 views

CVE-2025-22244

VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation.

6.9CVSS5.6AI score0.00045EPSS

CVE•added 2023/05/12 9:15 p.m.•54 views

CVE-2023-20878

VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system.

7.2CVSS7.8AI score0.00557EPSS

CVE•added 2025/06/04 8:15 p.m.•51 views

CVE-2025-22245

VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation.

5.9CVSS5.4AI score0.00038EPSS

CVE•added 2025/05/20 1:15 p.m.•33 views

CVE-2025-41231

VMware Cloud Foundation contains a missing authorisation vulnerability. A malicious actor with access to VMware Cloud Foundation appliance may be able to perform certain unauthorised actions and access limited sensitive information.

7.3CVSS7.1AI score0.00024EPSS