CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38650
https://notcve.org/view.php?id=CVE-2022-38650
12 Nov 2022 — A remote unauthenticated insecure deserialization vulnerability exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to run arbitrary code or malware within Hyperic Server and the host operating system with the privileges of the Hyperic server process. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Existe una vulnerabilidad de deserialización insegura remota no autenticada en VMware Hyperic Server 5.8.6. La explot... • https://www.cyber.gov.au/acsc/view-all-content/alerts/multiple-vulnerabilities-vmware-vrealize-hyperic-monitoring-and-performance-management-product • CWE-502: Deserialization of Untrusted Data •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38651
https://notcve.org/view.php?id=CVE-2022-38651
12 Nov 2022 — A security filter misconfiguration exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to bypass some authentication requirements when issuing requests to Hyperic Server. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Existe una configuración incorrecta del filtro de seguridad en VMware Hyperic Server 5.8.6. La explotación de esta vulnerabilidad permite a una parte maliciosa omitir algunos requisitos de autentica... • https://www.cyber.gov.au/acsc/view-all-content/alerts/multiple-vulnerabilities-vmware-vrealize-hyperic-monitoring-and-performance-management-product •