Summary
Detail | |||
---|---|---|---|
Vendor | Vmware | First view | 2020-06-24 |
Product | Cloud Foundation | Last view | 2023-09-27 |
Version | 4.0 | Type | Application |
Update | - | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:vmware:cloud_foundation |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
6.7 | 2023-09-27 | CVE-2023-34043 | VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. |
6.7 | 2023-05-12 | CVE-2023-20880 | VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. |
6.7 | 2023-05-12 | CVE-2023-20879 | VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system. |
7.2 | 2023-05-12 | CVE-2023-20878 | VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system. |
8.8 | 2023-05-12 | CVE-2023-20877 | VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation. |
7.2 | 2023-04-20 | CVE-2023-20865 | VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root. |
9.8 | 2023-04-20 | CVE-2023-20864 | VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root. |
3.3 | 2022-12-13 | CVE-2022-31699 | VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure. |
8.8 | 2022-12-13 | CVE-2022-31696 | VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox. |
6.5 | 2022-10-07 | CVE-2022-31681 | VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host. |
7.5 | 2022-07-13 | CVE-2022-22982 | The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service. |
5.3 | 2022-04-13 | CVE-2022-22961 | VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting victims. |
7.8 | 2022-04-13 | CVE-2022-22960 | VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'. |
4.3 | 2022-04-13 | CVE-2022-22959 | VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI. |
7.2 | 2022-04-13 | CVE-2022-22958 | VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution. |
7.2 | 2022-04-13 | CVE-2022-22957 | VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution. |
7.5 | 2022-02-16 | CVE-2021-22050 | ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor with network access to ESXi may exploit this issue to create a denial-of-service condition by overwhelming rhttpproxy service with multiple requests. |
7.8 | 2022-02-16 | CVE-2021-22042 | VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user. |
6.7 | 2022-02-16 | CVE-2021-22041 | VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. |
6.7 | 2022-02-16 | CVE-2021-22040 | VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. |
4.9 | 2022-02-04 | CVE-2022-22939 | VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able to view credentials in plaintext within one or more log files. |
7.8 | 2022-01-04 | CVE-2021-22045 | VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine. |
8.8 | 2021-11-10 | CVE-2021-22048 | The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group. |
4.3 | 2021-10-13 | CVE-2021-22035 | VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log Insight which could be executed in user's environment. |
2.7 | 2021-10-13 | CVE-2021-22033 | Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
14% (7) | CWE-787 | Out-of-bounds Write |
8% (4) | CWE-502 | Deserialization of Untrusted Data |
8% (4) | CWE-416 | Use After Free |
8% (4) | CWE-125 | Out-of-bounds Read |
8% (4) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
4% (2) | CWE-532 | Information Leak Through Log Files |
4% (2) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
4% (2) | CWE-367 | Time-of-check Time-of-use (TOCTOU) Race Condition |
4% (2) | CWE-306 | Missing Authentication for Critical Function |
4% (2) | CWE-287 | Improper Authentication |
4% (2) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
2% (1) | CWE-770 | Allocation of Resources Without Limits or Throttling |
2% (1) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
2% (1) | CWE-668 | Exposure of Resource to Wrong Sphere |
2% (1) | CWE-639 | Access Control Bypass Through User-Controlled Key |
2% (1) | CWE-552 | Files or Directories Accessible to External Parties |
2% (1) | CWE-476 | NULL Pointer Dereference |
2% (1) | CWE-362 | Race Condition |
2% (1) | CWE-352 | Cross-Site Request Forgery (CSRF) |
2% (1) | CWE-269 | Improper Privilege Management |
2% (1) | CWE-200 | Information Exposure |
2% (1) | CWE-193 | Off-by-one Error |
2% (1) | CWE-77 | Improper Sanitization of Special Elements used in a Command ('Comma... |
2% (1) | CWE-74 | Failure to Sanitize Data into a Different Plane ('Injection') |
2% (1) | CWE-20 | Improper Input Validation |
SAINT Exploits
Description | Link |
---|---|
VMware vCenter Server local privilege elevation | More info here |
VMware VCenter Server file upload | More info here |
VMware ESXi OpenSLP heap overflow | More info here |