vmware vcenter server 6.5 vulnerabilities and exploits

(subscribe to this query)

VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability where Virtual Machines deployed from an OVF could expose login information via the virtual machine's vAppConfig properties. A...

Vmware Vcenter Server 6.0 Vmware Vcenter Server 6.7 Vmware Vcenter Server 6.5

The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter...

Vmware Vcenter Server 6.5 Vmware Vcenter Server 6.7 Vmware Vcenter Server 7.0

The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services controller). A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server....

Vmware Vcenter Server 6.5 Vmware Vcenter Server1 Github repository available1 Article available

VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate....

Vmware Vcenter Server 5.5 Vmware Vcenter Server 6.5 Vmware Vcenter Server 6.0

VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability due to the logging of credentials in plain-text for virtual machines deployed through OVF. A malicious user with access to the log files...

Vmware Vcenter Server 6.0 Vmware Vcenter Server 6.7 Vmware Vcenter Server 6.5

The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file....

Vmware Cloud Foundation Vmware Vcenter Server 6.5 Vmware Vcenter Server 6.7 Vmware Vcenter Server 7.032 Github repositories available8 Articles available

The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client...

Vmware Vcenter Server 6.5 Vmware Vcenter Server 6.7 Vmware Vcenter Server 7.0 Vmware Cloud Foundation

The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore) can access plaintext...

Vmware Vcenter Server 6.5 Vmware Vcenter Server 6.7 Vmware Vcenter Server 7.0 Vmware Cloud Foundation1 Github repository available1 Article available

The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter...

Vmware Vcenter Server 6.5 Vmware Vcenter Server 6.7 Vmware Vcenter Server 7.0 Vmware Cloud Foundation2 Articles available

The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition....

Vmware Cloud Foundation Vmware Vcenter Server 6.5 Vmware Vcenter Server 6.7 Vmware Vcenter Server 7.0

1 2 3 4 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook