Show filters
61 Total Results
Displaying 51-60 of 61
Sort by:
Attacker Value
Unknown

CVE-2012-6326

Disclosure Date: February 22, 2013 (last updated October 05, 2023)
VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote attackers to cause a denial of service (disk consumption) via vectors that trigger large log entries.
0
Attacker Value
Unknown

CVE-2013-1405

Disclosure Date: February 15, 2013 (last updated October 05, 2023)
VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do not properly implement the management authentication protocol, which allow remote servers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
0
Attacker Value
Unknown

CVE-2012-6325

Disclosure Date: December 21, 2012 (last updated October 05, 2023)
VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors.
0
Attacker Value
Unknown

CVE-2012-6324

Disclosure Date: December 21, 2012 (last updated October 05, 2023)
Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vectors.
0
Attacker Value
Unknown

CVE-2012-5050

Disclosure Date: October 05, 2012 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the server in VMware vCenter Operations (aka vCOps) before 5.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
Attacker Value
Unknown

CVE-2012-1513

Disclosure Date: March 16, 2012 (last updated October 04, 2023)
The Web Configuration tool in VMware vCenter Orchestrator (vCO) 4.0 before Update 4, 4.1 before Update 2, and 4.2 before Update 1 places the vCenter Server password in an HTML document, which allows remote authenticated administrators to obtain sensitive information by reading this document.
0
Attacker Value
Unknown

CVE-2011-4404

Disclosure Date: November 19, 2011 (last updated October 04, 2023)
The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to CVE-2009-1523.
0
Attacker Value
Unknown

CVE-2011-1788

Disclosure Date: May 09, 2011 (last updated October 04, 2023)
vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1 allows local users to discover the SOAP session ID via unspecified vectors.
0
Attacker Value
Unknown

CVE-2011-0426

Disclosure Date: May 09, 2011 (last updated October 04, 2023)
Directory traversal vulnerability in vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, and VMware VirtualCenter 2.5 before Update 6a, allows remote attackers to read arbitrary files via unspecified vectors.
0
Attacker Value
Unknown

CVE-2010-2928

Disclosure Date: February 16, 2011 (last updated October 04, 2023)
The vCenter Tomcat Management Application in VMware vCenter Server 4.1 before Update 1 stores log-on credentials in a configuration file, which allows local users to gain privileges by reading this file.
0