vmware tanzu application service for virtual machines vulnerabilities and exploits

(subscribe to this query)

The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs. A malicious non-admin user who has access to the platform system audit logs can acce...

Vmware Isolation Segment Vmware Tanzu Application Service For Virtual Machines

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e....

Vmware Spring Framework Cisco Cx Cloud Agent Oracle Sd-wan Edge 9.0 Oracle Retail Xstore Point Of Service 20.0.1 Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0 Oracle Financial Services Analytical Applications Infrastructure 8.1.1 Oracle Sd-wan Edge 9.1 Siemens Siveillance Identity 1.6 Siemens Siveillance Identity 1.5 Siemens Sipass Integrated 2.85 Siemens Sipass Integrated 2.80 Oracle Product Lifecycle Analytics 3.6.1 Oracle Financial Services Enterprise Case Management 8.1.1.0 Oracle Financial Services Enterprise Case Management 8.1.1.1 Oracle Financial Services Behavior Detection Platform 8.1.2.0 Oracle Financial Services Behavior Detection Platform 8.1.1.1 Oracle Financial Services Behavior Detection Platform 8.1.1.0 Oracle Communications Cloud Native Core Console 1.9.0 Oracle Communications Cloud Native Core Policy 1.15.0 Oracle Communications Cloud Native Core Unified Data Repository 1.15.0 Oracle Communications Cloud Native Core Unified Data Repository 22.1.0 Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.0

170 Github repositories7 Articles

VMware Tanzu Application Service for VMs (2.7.x versions before 2.7.19, 2.8.x versions before 2.8.13, and 2.9.x versions before 2.9.7) contains an App Autoscaler that logs the UAA admin password. This credential is redacted on VMware Tanzu Operations Manager; however, the unredac...

Vmware Tanzu Application Service For Virtual Machines Vmware Operations Manager

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook