Page 13 of 82 results (0.008 seconds)

CVSS: 7.5EPSS: 97%CPEs: 27EXPL: 7

CVE-2021-21975 – VMware Server Side Request Forgery in vRealize Operations Manager API

https://notcve.org/view.php?id=CVE-2021-21975

Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials. una vulnerabilidad de Server Side Request Forgery en la API vRealize Operations Manager (CVE-2021-21975) anterior a la versión 8.4, puede permitir que un actor malicioso con acceso de red a la API vRealize Operations Manager pueda realizar un ataque de tipo Server Side Request Forgery para robar credenciales administrativas. Server Side Request Forgery (SSRF) in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a SSRF attack to steal administrative credentials. • https://github.com/GuayoyoCyber/CVE-2021-21975 https://github.com/Al1ex/CVE-2021-21975 https://github.com/murataydemir/CVE-2021-21975 https://github.com/Vulnmachines/VMWare-CVE-2021-21975 https://github.com/dorkerdevil/CVE-2021-21975 http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html https://www.vmware.com/security/advisories/VMSA-2021-0004.html https://twitter.com/ptswarm/status/1376961747232382976 https://attackerkb.com/topi • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 8.5EPSS: 0%CPEs: 27EXPL: 3

CVE-2021-21983 – VMware vRealize Operations (vROps) Manager SSRF RCE

https://notcve.org/view.php?id=CVE-2021-21983

Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system. La vulnerabilidad de escritura arbitraria de archivos en la API vRealize Operations Manager (CVE-2021-21983) anterior a la versión 8.4, puede permitir que un actor malicioso autenticado con acceso de red para la API vRealize Operations Manager pueda escribir archivos en ubicaciones arbitrarias en el sistema operativo photon subyacente. • https://github.com/murataydemir/CVE-2021-21983 http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html https://www.vmware.com/security/advisories/VMSA-2021-0004.html https://twitter.com/ptswarm/status/1376961747232382976 https://attackerkb.com/topics/51Vx3lNI7B/cve-2021-21975#rapid7-analysis https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/vmware_vrops_mgr_ssrf_rce.rb •

CVSS: 5.3EPSS: 13%CPEs: 43EXPL: 1

CVE-2021-21973 – VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability

https://notcve.org/view.php?id=CVE-2021-21973

The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information disclosure. This affects: VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2). El VSphere Client (HTML5) contiene una vulnerabilidad SSRF (Server Side Request Forgery) debido a una comprobación inapropiada de las URL en un plugin de vCenter Server. Un actor malicioso con acceso de red al puerto 443 puede explotar este problema mediante el envío de una petición POST al plugin vCenter Server conllevando a una divulgación de información. • https://github.com/freakanonymous/CVE-2021-21973-Automateme https://www.vmware.com/security/advisories/VMSA-2021-0002.html • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 10.0EPSS: 97%CPEs: 43EXPL: 25

CVE-2021-21972 – VMware vCenter Server Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2021-21972

The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2). El VSphere Client (HTML5) contiene una vulnerabilidad de ejecución de código remota en un plugin de vCenter Server. Un actor malicioso con acceso de red al puerto 443 puede explotar este problema para ejecutar comandos con privilegios no restringidos en el sistema operativo subyacente que aloja vCenter Server. • https://www.exploit-db.com/exploits/50056 https://www.exploit-db.com/exploits/49602 https://github.com/NS-Sp4ce/CVE-2021-21972 https://github.com/horizon3ai/CVE-2021-21972 https://github.com/QmF0c3UK/CVE-2021-21972-vCenter-6.5-7.0-RCE-POC https://github.com/alt3kx/CVE-2021-21972 https://github.com/milo2012/CVE-2021-21972 https://github.com/B1anda0/CVE-2021-21972 https://github.com/TaroballzChen/CVE-2021-21972 https://github.com/GuayoyoCyber/CVE-2021-21972 https • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 8.8EPSS: 93%CPEs: 233EXPL: 3

CVE-2021-21974 – VMware ESXi SLP Heap-based Buffer Overflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2021-21974

OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution. OpenSLP como es usado en ESXi (versiones 7.0 anteriores a ESXi70U1c-17325551, versiones 6.7 anteriores a ESXi670-202102401-SG, versiones 6.5 anteriores a ESXi650-202102101-SG), presenta una vulnerabilidad de desbordamiento de la pila. Un actor malicioso que reside dentro del mismo segmento de red que ESXi y que presenta acceso al puerto 427 puede desencadenar el problema de desbordamiento de la pila en el servicio OpenSLP, resultando en una ejecución de código remota This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of VMware ESXi. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SLP messages. • https://github.com/Shadow0ps/CVE-2021-21974 https://github.com/n2x4/Feb2023-CVE-2021-21974-OSINT http://packetstormsecurity.com/files/162957/VMware-ESXi-OpenSLP-Heap-Overflow.html https://www.vmware.com/security/advisories/VMSA-2021-0002.html https://www.zerodayinitiative.com/advisories/ZDI-21-250 • CWE-787: Out-of-bounds Write •