VMware

Cloud Foundation

126 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2025-22221

  • EPSS 0.13%
  • Veröffentlicht 30.01.2025 16:15:31
  • Zuletzt bearbeitet 14.05.2025 16:47:14

VMware Aria Operation for Logs contains a stored cross-site scripting vulnerability. A malicious actor with admin privileges to VMware Aria Operations for Logs may be able to inject a malicious script that could be executed in a victim's browser when...

6.5

CVE-2025-22222

  • EPSS 0.17%
  • Veröffentlicht 30.01.2025 16:15:31
  • Zuletzt bearbeitet 14.05.2025 16:47:55

VMware Aria Operations contains an information disclosure vulnerability. A malicious user with non-administrative privileges may exploit this vulnerability to retrieve credentials for an outbound plugin if a valid service credential ID is known.

7.7

CVE-2025-22218

  • EPSS 0.14%
  • Veröffentlicht 30.01.2025 15:15:18
  • Zuletzt bearbeitet 14.05.2025 16:45:25

VMware Aria Operations for Logs contains an information disclosure vulnerability. A malicious actor with View Only Admin permissions may be able to read the credentials of a VMware product integrated with VMware Aria Operations for Logs

7.8

CVE-2024-38830

  • EPSS 0.04%
  • Veröffentlicht 26.11.2024 12:15:18
  • Zuletzt bearbeitet 14.05.2025 16:43:34

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations.

7.8

CVE-2024-38831

  • EPSS 0.32%
  • Veröffentlicht 26.11.2024 12:15:18
  • Zuletzt bearbeitet 14.05.2025 16:43:22

VMware Aria Operations contains a local privilege escalation vulnerability.  A malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to  a root user on the appliance running...

6.4

CVE-2024-38832

  • EPSS 0.74%
  • Veröffentlicht 26.11.2024 12:15:18
  • Zuletzt bearbeitet 14.05.2025 16:36:53

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to views may be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.

5.4

CVE-2024-38833

  • EPSS 0.23%
  • Veröffentlicht 26.11.2024 12:15:18
  • Zuletzt bearbeitet 14.05.2025 16:36:49

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.

4.8

CVE-2024-38834

  • EPSS 0.37%
  • Veröffentlicht 26.11.2024 12:15:18
  • Zuletzt bearbeitet 14.05.2025 16:36:45

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations...

6.7

CVE-2024-38817

  • EPSS 0.04%
  • Veröffentlicht 09.10.2024 20:15:08
  • Zuletzt bearbeitet 10.10.2024 12:51:56

VMware NSX contains a command injection vulnerability.  A malicious actor with access to the NSX Edge CLI terminal may be able to craft malicious payloads to execute arbitrary commands on the operating system as root.

6.7

CVE-2024-38818

  • EPSS 0.06%
  • Veröffentlicht 09.10.2024 20:15:08
  • Zuletzt bearbeitet 10.10.2024 12:51:56

VMware NSX contains a local privilege escalation vulnerability.  An authenticated malicious actor may exploit this vulnerability to obtain permissions from a separate group role than previously assigned.