CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-4920
https://notcve.org/view.php?id=CVE-2017-4920
05 Dec 2017 — The implementation of the OSPF protocol in VMware NSX-V Edge 6.2.x prior to 6.2.8 and NSX-V Edge 6.3.x prior to 6.3.3 doesn't correctly handle the link-state advertisement (LSA). A rogue LSA may exploit this issue resulting in continuous sending of LSAs between two routers eventually going in loop or loss of connectivity. La implementación del protocolo OSPF en VMware NSX-V Edge en versiones 6.2.x anteriores a la 6.2.8 y NSX-V Edge en versiones 6.3.x anteriores a la 6.3.3 no gestiona correctamente el LSA (l... • http://www.securityfocus.com/bid/100277 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.1EPSS: 0%CPEs: 14EXPL: 0CVE-2017-4929
https://notcve.org/view.php?id=CVE-2017-4929
17 Nov 2017 — VMware NSX Edge (6.2.x before 6.2.9 and 6.3.x before 6.3.5) contains a moderate Cross-Site Scripting (XSS) issue which may lead to information disclosure. VMware NSX Edge (en versioens 6.2.x anteriores a la 6.2.9 y versiones 6.3.x anteriroes a la 6.3.5) contiene un error de Cross-Site Scripting (XSS) moderado que puede dar lugar a una revelación de información. • http://www.securityfocus.com/bid/101891 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 16EXPL: 0CVE-2016-2079
https://notcve.org/view.php?id=CVE-2016-2079
03 Jul 2016 — VMware NSX Edge 6.1 before 6.1.7 and 6.2 before 6.2.3 and vCNS Edge 5.5 before 5.5.4.3, when the SSL-VPN feature is configured, allow remote attackers to obtain sensitive information via unspecified vectors. VMware NSX Edge 6.1 en versiones anteriores a 6.1.7 y 6.2 en versiones anteriores a 6.2.3 y vCNS Edge 5.5 en versiones anteriores a 5.5.4.3, cuando la característica SSL-VPN está configurada, permiten a atacantes remotos obtener información sensible a través de vectores no especificados. • http://www.securitytracker.com/id/1036077 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •