CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38651
https://notcve.org/view.php?id=CVE-2022-38651
A security filter misconfiguration exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to bypass some authentication requirements when issuing requests to Hyperic Server. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Existe una configuración incorrecta del filtro de seguridad en VMware Hyperic Server 5.8.6. La explotación de esta vulnerabilidad permite a una parte maliciosa omitir algunos requisitos de autenticación al emitir solicitudes a Hyperic Server. • https://www.cyber.gov.au/acsc/view-all-content/alerts/multiple-vulnerabilities-vmware-vrealize-hyperic-monitoring-and-performance-management-product •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38650
https://notcve.org/view.php?id=CVE-2022-38650
A remote unauthenticated insecure deserialization vulnerability exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to run arbitrary code or malware within Hyperic Server and the host operating system with the privileges of the Hyperic server process. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Existe una vulnerabilidad de deserialización insegura remota no autenticada en VMware Hyperic Server 5.8.6. La explotación de esta vulnerabilidad permite a una parte malintencionada ejecutar código arbitrario o malware dentro del servidor Hyperic y el sistema operativo host con los privilegios del proceso del servidor Hyperic. • https://www.cyber.gov.au/acsc/view-all-content/alerts/multiple-vulnerabilities-vmware-vrealize-hyperic-monitoring-and-performance-management-product • CWE-502: Deserialization of Untrusted Data •