VMware

Cloud Foundation

135 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2022-22957

  • EPSS 40.04%
  • Veröffentlicht 13.04.2022 18:15:13
  • Zuletzt bearbeitet 21.11.2024 06:47:41

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data thro...

7.2

CVE-2022-22958

  • EPSS 3.02%
  • Veröffentlicht 13.04.2022 18:15:13
  • Zuletzt bearbeitet 21.11.2024 06:47:41

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data thro...

4.3

CVE-2022-22959

  • EPSS 0.29%
  • Veröffentlicht 13.04.2022 18:15:13
  • Zuletzt bearbeitet 21.11.2024 06:47:41

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI.

7.8

CVE-2022-22960

Warnung Exploit
  • EPSS 70.42%
  • Veröffentlicht 13.04.2022 18:15:13
  • Zuletzt bearbeitet 30.10.2025 20:03:55

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'.

5.3

CVE-2022-22961

  • EPSS 0.38%
  • Veröffentlicht 13.04.2022 18:15:13
  • Zuletzt bearbeitet 21.11.2024 06:47:41

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exp...

10

CVE-2022-22954

Warnung Exploit
  • EPSS 94.44%
  • Veröffentlicht 11.04.2022 20:15:19
  • Zuletzt bearbeitet 30.10.2025 20:04:37

VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code ex...

6.5

CVE-2022-22948

Warnung
  • EPSS 28.82%
  • Veröffentlicht 29.03.2022 18:15:08
  • Zuletzt bearbeitet 31.10.2025 15:56:49

The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.

7.8

CVE-2022-22945

  • EPSS 0.1%
  • Veröffentlicht 16.02.2022 17:15:11
  • Zuletzt bearbeitet 21.11.2024 06:47:39

VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root.

6.7

CVE-2021-22040

  • EPSS 0.66%
  • Veröffentlicht 16.02.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 05:49:29

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX pr...

6.7

CVE-2021-22041

  • EPSS 0.52%
  • Veröffentlicht 16.02.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 05:49:29

VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX proc...