Page 13 of 131 results (0.177 seconds)

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

The vCenter Server contains a local information disclosure vulnerability in the Analytics service. • https://www.vmware.com/security/advisories/VMSA-2021-0020.html •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosure. vCenter Server contiene una vulnerabilidad de tipo SSRF (Server Side Request Forgery) debido a una comprobación inapropiada de las URL en la biblioteca de contenidos del servidor vCenter. • https://www.vmware.com/security/advisories/VMSA-2021-0020.html • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 0

The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. ... Un actor malicioso con acceso de red al puerto 443 en vCenter Server puede explotar este problema mediante el envío de un mensaje json-rpc especialmente diseñado para conseguir acceso a información confidencial This vulnerability allows remote attackers to disclose sensitive information on affected installations of VMware vCenter Server Appliance. • https://www.vmware.com/security/advisories/VMSA-2021-0020.html •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure. • https://www.vmware.com/security/advisories/VMSA-2021-0018.html • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure. • https://www.vmware.com/security/advisories/VMSA-2021-0018.html • CWE-918: Server-Side Request Forgery (SSRF) •