Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vcloud director vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-5523
VMware vCloud Director for Service Providers 9.5.x before 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals. Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating ...
Vmware Vcloud Director
6.8
CVSSv2
CVE-2016-2076
Client Integration Plugin (CIP) in VMware vCenter Server 5.5 U3a, U3b, and U3c and 6.0 before U2; vCloud Director 5.5.5; and vRealize Automation Identity Appliance 6.2.4 prior to 6.2.4.1 mishandles session content, which allows remote malicious users to hijack sessions via a craf...
Vmware Vcloud Automation Identity Appliance 6.2.4
Vmware Vcenter Server 5.5
Vmware Vcloud Director 5.5.5
Vmware Vcenter Server
6.8
CVSSv2
CVE-2014-1211
Cross-site request forgery (CSRF) vulnerability in VMware vCloud Director 5.1.x prior to 5.1.3 allows remote malicious users to hijack the authentication of arbitrary users for requests that trigger a logout.
Vmware Vcloud Director 5.1.0
Vmware Vcloud Director 5.1.1
Vmware Vcloud Director 5.1.2
6.5
CVSSv2
CVE-2022-22966
An authenticated, high privileged malicious actor with network access to the VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server.
Vmware Vcloud Director
6.5
CVSSv2
CVE-2020-3956
VMware Cloud Director 10.0.x prior to 10.0.0.2, 9.7.0.x prior to 9.7.0.5, 9.5.0.x prior to 9.5.0.6, and 9.1.0.x prior to 9.1.0.4 do not properly handle input leading to a code injection vulnerability. An authenticated actor may be able to send malicious traffic to VMware Cloud Di...
Vmware Vcloud Director
2 Github repositories
4.3
CVSSv2
CVE-2014-3367
Cross-site scripting (XSS) vulnerability in the vCloud Director component in Cisco Nexus 1000V InterCloud for VMware allows remote malicious users to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq90524.
Cisco Cisco Nexus 1000v Intercloud -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started