CVSS: 6.1EPSS: 0%CPEs: 14EXPL: 0CVE-2017-4929
https://notcve.org/view.php?id=CVE-2017-4929
VMware NSX Edge (6.2.x before 6.2.9 and 6.3.x before 6.3.5) contains a moderate Cross-Site Scripting (XSS) issue which may lead to information disclosure. VMware NSX Edge (en versioens 6.2.x anteriores a la 6.2.9 y versiones 6.3.x anteriroes a la 6.3.5) contiene un error de Cross-Site Scripting (XSS) moderado que puede dar lugar a una revelación de información. • http://www.securityfocus.com/bid/101891 http://www.securitytracker.com/id/1039837 https://www.vmware.com/security/advisories/VMSA-2017-0019.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.9EPSS: 0%CPEs: 16EXPL: 0CVE-2016-2079
https://notcve.org/view.php?id=CVE-2016-2079
VMware NSX Edge 6.1 before 6.1.7 and 6.2 before 6.2.3 and vCNS Edge 5.5 before 5.5.4.3, when the SSL-VPN feature is configured, allow remote attackers to obtain sensitive information via unspecified vectors. VMware NSX Edge 6.1 en versiones anteriores a 6.1.7 y 6.2 en versiones anteriores a 6.2.3 y vCNS Edge 5.5 en versiones anteriores a 5.5.4.3, cuando la característica SSL-VPN está configurada, permiten a atacantes remotos obtener información sensible a través de vectores no especificados. • http://www.securitytracker.com/id/1036077 http://www.vmware.com/security/advisories/VMSA-2016-0007.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •