CVE-2023-20893
https://notcve.org/view.php?id=CVE-2023-20893
The VMware vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server. • https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1799 https://www.vmware.com/security/advisories/VMSA-2023-0014.html • CWE-416: Use After Free
CVE-2023-20892 – VMware vCenter Server heap-overflow vulnerability
https://notcve.org/view.php?id=CVE-2023-20892
The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit this heap-overflow vulnerability to execute arbitrary code on the underlying operating system that hosts vCenter Server. • https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1801 https://www.vmware.com/security/advisories/VMSA-2023-0014.html • CWE-787: Out-of-bounds Write
CVE-2022-31680
https://notcve.org/view.php?id=CVE-2022-31680
The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform Services Controller). A malicious actor with admin access on vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server. • https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1587 https://www.vmware.com/security/advisories/VMSA-2022-0025.html • CWE-502: Deserialization of Untrusted Data
CVE-2017-4928
https://notcve.org/view.php?id=CVE-2017-4928
The Flash-based vSphere Web Client (6.0 prior to 6.0 U3c and 5.5 prior to 5.5 U3f), i.e. not the new HTML5-based vSphere Client, contains SSRF and CRLF injection issues due to improper neutralization of URLs. An attacker may exploit these issues by sending a POST request with modified headers towards internal services, leading to information disclosure. • http://www.securityfocus.com/bid/101785 http://www.securitytracker.com/id/1039759 https://www.vmware.com/security/advisories/VMSA-2017-0017.html • CWE-352: Cross-Site Request Forgery (CSRF) • CWE-918: Server-Side Request Forgery (SSRF)
CVE-2017-4919
https://notcve.org/view.php?id=CVE-2017-4919
VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate. • http://www.securityfocus.com/bid/100102 http://www.securitytracker.com/id/1039004 http://www.vmware.com/security/advisories/VMSA-2017-0012.html • CWE-306: Missing Authentication for Critical Function