CVSS: 9.0EPSS: 2%CPEs: 2EXPL: 0CVE-2014-3790 – VMware vCenter Server Appliance Ruby vSphere Console Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2014-3790
Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows remote authenticated users to execute arbitrary commands as root by escaping from a chroot jail. Ruby vSphere Console (RVC) en VMware vCenter Server Appliance permite a usuarios remotos autenticados ejecutar comandos arbitrarios como root mediante la evasión de una jaula chroot. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VMware vCenter Appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within the usage of the Ruby vSphere Console (RVC) provided by the vCenter Server Appliance. Commands can be run in a privileged context allowing an attacker to break-out of a chroot jail. • http://secunia.com/advisories/58823 http://www.securityfocus.com/bid/67756 http://www.securitytracker.com/id/1030436 http://zerodayinitiative.com/advisories/ZDI-14-159 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0CVE-2013-5971
https://notcve.org/view.php?id=CVE-2013-5971
Session fixation vulnerability in the vSphere Web Client Server in VMware vCenter Server 5.0 before Update 3 allows remote attackers to hijack web sessions and gain privileges via unspecified vectors. Vulnerabilidad de fijación de sesión en el vSphere Web Client Server de VMware vCenter Server 5.0 anterior a Update 3 permite a atacantes remotos secuestrar sesiones web y obtener privilegios a través de vectores sin especificar. • http://osvdb.org/98718 http://www.securityfocus.com/bid/63218 http://www.vmware.com/security/advisories/VMSA-2013-0012.html https://exchange.xforce.ibmcloud.com/vulnerabilities/88134 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 96%CPEs: 7EXPL: 1CVE-2013-3520 – VMware vCenter Chargeback Manager ImageUploadServlet Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-3520
VMware vCenter Chargeback Manager (aka CBM) before 2.5.1 does not proper handle uploads, which allows remote attackers to execute arbitrary code via unspecified vectors. VMware vCenter Chargeback Manager (aka CBM) anterior a 2.5.1 no maneja adecuadamente las subidas, lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VMware vCenter Chargeback Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of requests to the ImageUploadServlet. This service exposes the functionality which contains a flaw that allows attackers to create files at arbitrary locations with attacker controlled data. • https://www.exploit-db.com/exploits/27046 http://www.vmware.com/security/advisories/VMSA-2013-0008.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-3080
https://notcve.org/view.php?id=CVE-2013-3080
VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to create or overwrite arbitrary files, and consequently execute arbitrary code or cause a denial of service, by leveraging Virtual Appliance Management Interface (VAMI) web-interface access. VMware vCenter Server Appliance (vcsa) v5.1 antes Update 1 permite a los usuarios remotos autenticados crear o sobreescribir archivos arbitrarios, y por lo tanto ejecutar código arbitrario o causar una denegación de servicio, aprovechando la interfaz de administración de dispositivo virtual (VAMI) Acceso a la interfaz web. • http://www.vmware.com/security/advisories/VMSA-2013-0006.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2013-3107
https://notcve.org/view.php?id=CVE-2013-3107
VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass authentication by providing a valid username in conjunction with an empty password. VMware vCenter Server v5.1 Update 1 antes, cuando el enlace LDAP anónimo para Active Directory está activado, permite a atacantes remotos evitar la autenticación proporcionando un nombre de usuario válido en combinación con una contraseña vacía. • http://www.vmware.com/security/advisories/VMSA-2013-0006.html • CWE-264: Permissions, Privileges, and Access Controls •