CVE-2021-22034
https://notcve.org/view.php?id=CVE-2021-22034
Releases prior to VMware vRealize Operations Tenant App 8.6 contain an Information Disclosure Vulnerability. Las versiones anteriores a VMware vRealize Operations Tenant App versión 8.6, contienen una vulnerabilidad de Divulgación de Información • https://www.vmware.com/security/advisories/VMSA-2021-0024.html •
CVE-2021-22036
https://notcve.org/view.php?id=CVE-2021-22036
VMware vRealize Orchestrator ((8.x prior to 8.6) contains an open redirect vulnerability due to improper path handling. A malicious actor may be able to redirect victim to an attacker controlled domain due to improper path handling in vRealize Orchestrator leading to sensitive information disclosure. VMware vRealize Orchestrator (versiones 8.x anteriores a 8.6) contienen una vulnerabilidad de redireccionamiento abierto debido a un manejo inapropiado de la ruta. • https://www.vmware.com/security/advisories/VMSA-2021-0023.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2021-22013
https://notcve.org/view.php?id=CVE-2021-22013
The vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. • https://www.vmware.com/security/advisories/VMSA-2021-0020.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2021-22012
https://notcve.org/view.php?id=CVE-2021-22012
The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. • https://www.vmware.com/security/advisories/VMSA-2021-0020.html • CWE-306: Missing Authentication for Critical Function •
CVE-2021-22007
https://notcve.org/view.php?id=CVE-2021-22007
The vCenter Server contains a local information disclosure vulnerability in the Analytics service. • https://www.vmware.com/security/advisories/VMSA-2021-0020.html •