Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vcenter server vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-22008
The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by sending a specially crafted json-rpc message to gain access to sensitive information.
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
578
VMScore
CVE-2021-22048
The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group.
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
694
VMScore
CVE-2012-6326
VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote malicious users to cause a denial of service (disk consumption) via vectors that trigger large log entries.
Vmware Vcenter Server 4.1
Vmware Vcenter Server 5.0
Vmware Vcenter Server Appliance 5.0
356
VMScore
CVE-2022-22948
The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.
Vmware Cloud Foundation
Vmware Cloud Foundation 3.11
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
1 Github repository
383
VMScore
CVE-2014-8371
VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before Update 3, and 5.0 before Update 3c does not properly validate certificates when connecting to a CIM Server on an ESXi host, which allows man-in-the-middle malicious users to spoof CIM servers via a crafted cer...
Vmware Vcenter Server Appliance 5.1
Vmware Vcenter Server Appliance 5.0
Vmware Vcenter Server Appliance 5.5
NA
CVE-2022-31680
The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services controller). A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server.
Vmware Vcenter Server 6.5
Vmware Vcenter Server
1 Article
676
VMScore
CVE-2013-1659
VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 prior to 5.1.0b; VMware ESXi 3.5 up to and including 5.1; and VMware ESX 3.5 up to and including 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle malicious u...
Vmware Vcenter Server 4.0
Vmware Vcenter Server Appliance 5.1.0a
Vmware Vcenter Server Appliance 5.1
Vmware Vcenter Server 5.0
Vmware Esxi 5.1
Vmware Esxi 5.0
Vmware Esxi 4.0
Vmware Esxi 4.1
Vmware Esxi 3.5
383
VMScore
CVE-2014-4241
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote malicious users to affect integrity via vectors related to WLS - Web Services.
Vmware Vcenter Server 5.1
Vmware Vcenter Server 5.0
Vmware Esxi 5.1
Vmware Vcenter Server 5.5
Vmware Vcenter Server Appliance 5.1
Oracle Fusion Middleware 10.0.2
Oracle Fusion Middleware 10.3.6
1 Github repository
445
VMScore
CVE-2020-3976
VMware ESXi and vCenter Server contain a partial denial of service vulnerability in their respective authentication services. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.
Vmware Cloud Foundation
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Esxi 7.0
383
VMScore
CVE-2019-5537
Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance (6.7 prior to 6.7u3a and 6.5 prior to 6.5u3d) may allow a malicious actor to intercept sensitive d...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »