VMware

Cloud Foundation

126 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2023-20864

  • EPSS 92.75%
  • Veröffentlicht 20.04.2023 21:15:08
  • Zuletzt bearbeitet 05.02.2025 16:15:34

VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.

7.2

CVE-2023-20865

  • EPSS 0.5%
  • Veröffentlicht 20.04.2023 21:15:08
  • Zuletzt bearbeitet 05.02.2025 16:15:34

VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root.

7.2

CVE-2022-31700

  • EPSS 2.08%
  • Veröffentlicht 14.12.2022 19:15:12
  • Zuletzt bearbeitet 22.04.2025 16:15:29

VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.

5.3

CVE-2022-31701

  • EPSS 0.21%
  • Veröffentlicht 14.12.2022 19:15:12
  • Zuletzt bearbeitet 22.04.2025 16:15:30

VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.

8.8

CVE-2022-31696

  • EPSS 0.4%
  • Veröffentlicht 13.12.2022 16:15:19
  • Zuletzt bearbeitet 22.04.2025 16:15:29

VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox.

5.5

CVE-2022-31697

  • EPSS 0.04%
  • Veröffentlicht 13.12.2022 16:15:19
  • Zuletzt bearbeitet 22.04.2025 16:15:29

The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore)...

5.3

CVE-2022-31698

  • EPSS 3.39%
  • Veröffentlicht 13.12.2022 16:15:19
  • Zuletzt bearbeitet 22.04.2025 04:15:20

The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially c...

3.3

CVE-2022-31699

  • EPSS 0.33%
  • Veröffentlicht 13.12.2022 16:15:19
  • Zuletzt bearbeitet 22.04.2025 16:15:29

VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.

9.1

CVE-2022-31678

  • EPSS 3.28%
  • Veröffentlicht 28.10.2022 02:15:17
  • Zuletzt bearbeitet 08.05.2025 16:15:21

VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure.

6.5

CVE-2022-31681

  • EPSS 0.1%
  • Veröffentlicht 07.10.2022 21:15:11
  • Zuletzt bearbeitet 21.11.2024 07:05:07

VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host.