VMware

Cloud Foundation

135 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2022-31701

  • EPSS 0.17%
  • Veröffentlicht 14.12.2022 19:15:12
  • Zuletzt bearbeitet 22.04.2025 16:15:30

VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.

8.8

CVE-2022-31696

  • EPSS 0.52%
  • Veröffentlicht 13.12.2022 16:15:19
  • Zuletzt bearbeitet 22.04.2025 16:15:29

VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox.

5.5

CVE-2022-31697

  • EPSS 0.06%
  • Veröffentlicht 13.12.2022 16:15:19
  • Zuletzt bearbeitet 22.04.2025 16:15:29

The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore)...

5.3

CVE-2022-31698

  • EPSS 1.64%
  • Veröffentlicht 13.12.2022 16:15:19
  • Zuletzt bearbeitet 31.10.2025 11:44:38

The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially c...

3.3

CVE-2022-31699

  • EPSS 0.36%
  • Veröffentlicht 13.12.2022 16:15:19
  • Zuletzt bearbeitet 22.04.2025 16:15:29

VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.

9.1

CVE-2022-31678

  • EPSS 79.09%
  • Veröffentlicht 28.10.2022 02:15:17
  • Zuletzt bearbeitet 08.05.2025 16:15:21

VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure.

6.5

CVE-2022-31681

  • EPSS 0.12%
  • Veröffentlicht 07.10.2022 21:15:11
  • Zuletzt bearbeitet 21.11.2024 07:05:07

VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host.

7.5

CVE-2022-22982

  • EPSS 0.25%
  • Veröffentlicht 13.07.2022 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:47:44

The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal se...

9.8

CVE-2022-22972

Warnung
  • EPSS 93.76%
  • Veröffentlicht 20.05.2022 21:15:09
  • Zuletzt bearbeitet 21.11.2024 06:47:43

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the...

7.8

CVE-2022-22973

Warnung
  • EPSS 0.43%
  • Veröffentlicht 20.05.2022 21:15:09
  • Zuletzt bearbeitet 21.11.2024 06:47:43

VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.