VMware

Cloud Foundation

132 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2022-22960

Warnung Exploit
  • EPSS 70.42%
  • Veröffentlicht 13.04.2022 18:15:13
  • Zuletzt bearbeitet 30.10.2025 20:03:55

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'.

5.3

CVE-2022-22961

  • EPSS 0.38%
  • Veröffentlicht 13.04.2022 18:15:13
  • Zuletzt bearbeitet 21.11.2024 06:47:41

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exp...

10

CVE-2022-22954

Warnung Exploit
  • EPSS 94.44%
  • Veröffentlicht 11.04.2022 20:15:19
  • Zuletzt bearbeitet 30.10.2025 20:04:37

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code ex...

6.5

CVE-2022-22948

Warnung
  • EPSS 26.01%
  • Veröffentlicht 29.03.2022 18:15:08
  • Zuletzt bearbeitet 31.10.2025 15:56:49

The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.

7.8

CVE-2022-22945

  • EPSS 0.13%
  • Veröffentlicht 16.02.2022 17:15:11
  • Zuletzt bearbeitet 21.11.2024 06:47:39

VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root.

6.7

CVE-2021-22040

  • EPSS 0.66%
  • Veröffentlicht 16.02.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 05:49:29

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX pr...

6.7

CVE-2021-22041

  • EPSS 0.52%
  • Veröffentlicht 16.02.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 05:49:29

VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX proc...

7.8

CVE-2021-22042

  • EPSS 0.25%
  • Veröffentlicht 16.02.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 05:49:29

VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged...

7.5

CVE-2021-22050

  • EPSS 1.01%
  • Veröffentlicht 16.02.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 05:49:30

ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor with network access to ESXi may exploit this issue to create a denial-of-service condition by overwhelming rhttpproxy service with multiple requests.

4.9

CVE-2022-22939

  • EPSS 0.48%
  • Veröffentlicht 04.02.2022 23:15:13
  • Zuletzt bearbeitet 31.10.2025 11:44:38

VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able...