Show filters
61 Total Results
Displaying 1-10 of 61
Sort by:
Attacker Value
Very High

CVE-2020-3952 - VMware vCenter Server vmdir Information Disclosure

Disclosure Date: April 10, 2020 (last updated November 27, 2024)
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls.
Attacker Value
Very High

VMware vSphere Client Unauth Remote Code Execution Vulnerability — CVE-2021-219…

Disclosure Date: February 24, 2021 (last updated February 14, 2024)
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
Attacker Value
Very High

CVE-2021-21985

Disclosure Date: May 26, 2021 (last updated June 29, 2021)
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.
Attacker Value
Very High

CVE-2021-44228 (Log4Shell)

Last updated February 08, 2022
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
57
Attacker Value
Very High

CVE-2021-22005

Disclosure Date: September 23, 2021 (last updated November 28, 2024)
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.
Attacker Value
Very High
Microsoft disclosed four actively exploited zero-day vulnerabilities being used to attack on-premises versions of Microsoft Exchange Server. The vulnerabilities identified are CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065, all of which affect Microsoft Exchange Server. Exchange Online is not affected. In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed installation of additional malware to facilitate long-term access to victim environments. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to HAFNIUM, a group assessed to be state-sponsored and operating out of China, based on observed victimology, tactics and procedures.
18
Attacker Value
High

CVE-2020-3992 — ESXi OpenSLP remote code execution vulnerability

Disclosure Date: October 20, 2020 (last updated November 28, 2024)
OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution.
Attacker Value
Very High

CVE-2023-34048

Disclosure Date: October 25, 2023 (last updated November 01, 2023)
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.
Attacker Value
Unknown

CVE-2021-21986

Disclosure Date: May 26, 2021 (last updated November 28, 2024)
The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Server may perform actions allowed by the impacted plug-ins without authentication.
Attacker Value
Unknown

CVE-2023-20896

Disclosure Date: June 22, 2023 (last updated October 08, 2023)
The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted packet leading to denial-of-service of certain services (vmcad, vmdird, and vmafdd).