Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vcenter server vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-22011
vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation.
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
1 Article
445
VMScore
CVE-2021-22009
The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit these issues to create a denial of service condition due to excessive memory consumption by VAPI s...
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
445
VMScore
CVE-2021-22010
The vCenter Server contains a denial-of-service vulnerability in VPXD service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to create a denial of service condition due to excessive memory consumption by VPXD service.
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
445
VMScore
CVE-2021-22012
The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
445
VMScore
CVE-2021-22013
The vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
445
VMScore
CVE-2020-3976
VMware ESXi and vCenter Server contain a partial denial of service vulnerability in their respective authentication services. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.
Vmware Vcenter Server 6.5
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Vcenter Server 6.7
Vmware Cloud Foundation
Vmware Vcenter Server 7.0
Vmware Esxi 7.0
445
VMScore
CVE-2017-4928
The flash-based vSphere Web Client (6.0 before 6.0 U3c and 5.5 before 5.5 U3f) i.e. not the new HTML5-based vSphere Client, contains SSRF and CRLF injection issues due to improper neutralization of URLs. An attacker may exploit these issues by sending a POST request with modified...
Vmware Vcenter Server 6.0
Vmware Vcenter Server 5.5
445
VMScore
CVE-2017-4927
VMware vCenter Server (6.5 before 6.5 U1 and 6.0 before 6.0 U3c) does not correctly handle specially crafted LDAP network packets which may allow for remote denial of service.
Vmware Vcenter Server
445
VMScore
CVE-2017-4923
VMware vCenter Server (6.5 before 6.5 U1) contains an information disclosure vulnerability. This issue may allow plaintext credentials to be obtained when using the vCenter Server Appliance file-based backup feature.
Vmware Vcenter Server 6.5
445
VMScore
CVE-2017-4917
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. This issue may allow plaintext credentials to be obtained.
Vmware Vsphere Data Protection 5.8.2
Vmware Vsphere Data Protection 5.5.10
Vmware Vsphere Data Protection 6.1.0
Vmware Vsphere Data Protection 6.0.3
Vmware Vsphere Data Protection 6.0.1
Vmware Vsphere Data Protection 6.1.3
Vmware Vsphere Data Protection 5.5.7
Vmware Vsphere Data Protection 5.8.4
Vmware Vsphere Data Protection 5.5.11
Vmware Vsphere Data Protection 5.8.1
Vmware Vsphere Data Protection 6.1.1
Vmware Vsphere Data Protection 5.8.3
Vmware Vsphere Data Protection 5.5.6
Vmware Vsphere Data Protection 5.5.9
Vmware Vsphere Data Protection 6.0.0
Vmware Vsphere Data Protection 6.0.4
Vmware Vsphere Data Protection 6.1.2
Vmware Vsphere Data Protection 5.5.5
Vmware Vsphere Data Protection 5.5.8
Vmware Vsphere Data Protection 6.0.2
Vmware Vsphere Data Protection 5.8.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »