Vulnerabilites related to vmware - cloud_foundation
CVE-2021-21974 (GCVE-0-2021-21974)
Vulnerability from cvelistv5
Published
2021-02-24 16:57
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- OpenSLP heap-overflow vulnerability
Summary
OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | VMware ESXi |
Version: 7.0 before ESXi70U1c-17325551 Version: 6.7 before ESXi670-202102401-SG Version: 6.5 before ESXi650-202102101-SG |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-250/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162957/VMware-ESXi-OpenSLP-Heap-Overflow.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "7.0 before ESXi70U1c-17325551"
},
{
"status": "affected",
"version": "6.7 before ESXi670-202102401-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-202102101-SG"
}
]
},
{
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "4.x before 4.2 and 3.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OpenSLP heap-overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T17:06:15",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-250/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162957/VMware-ESXi-OpenSLP-Heap-Overflow.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-21974",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "7.0 before ESXi70U1c-17325551"
},
{
"version_value": "6.7 before ESXi670-202102401-SG"
},
{
"version_value": "6.5 before ESXi650-202102101-SG"
}
]
}
},
{
"product_name": "VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "4.x before 4.2 and 3.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OpenSLP heap-overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-250/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-250/"
},
{
"name": "http://packetstormsecurity.com/files/162957/VMware-ESXi-OpenSLP-Heap-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162957/VMware-ESXi-OpenSLP-Heap-Overflow.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-21974",
"datePublished": "2021-02-24T16:57:33",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21994 (GCVE-0-2021-21994)
Vulnerability from cvelistv5
Published
2021-07-13 18:05
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Authentication bypass vulnerability
Summary
SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi and VMware Cloud Foundation |
Version: VMware ESXi(7.0 before ESXi70U2-17630552, 6.7 before ESXi670-202103101-SG, 6.5 before ESXi650-202107401-SG) and VMware Cloud Foundation (4.x, 3.x before 3.10.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.556Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0014.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi and VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware ESXi(7.0 before ESXi70U2-17630552, 6.7 before ESXi670-202103101-SG, 6.5 before ESXi650-202107401-SG) and VMware Cloud Foundation (4.x, 3.x before 3.10.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-13T18:05:43",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0014.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-21994",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi and VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware ESXi(7.0 before ESXi70U2-17630552, 6.7 before ESXi670-202103101-SG, 6.5 before ESXi650-202107401-SG) and VMware Cloud Foundation (4.x, 3.x before 3.10.2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0014.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0014.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-21994",
"datePublished": "2021-07-13T18:05:43",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22253 (GCVE-0-2024-22253)
Vulnerability from cvelistv5
Published
2024-03-05 17:57
Modified
2024-08-16 19:12
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | VMware ESXi |
Version: 8.0 < ESXi80U2sb-23305545 Version: 8.0 < ESXi80U1d-23299997 Version: 7.0 < ESXi70U3p-23307199 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:vmware:esxi:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "esxi",
"vendor": "vmware",
"versions": [
{
"lessThan": "esxi80U2sb-23305545",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "esxi80U1d-23299997",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "esxi70U3p-23307199",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:vmware_workstation:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "vmware_workstation",
"vendor": "vmware",
"versions": [
{
"lessThan": "17.5.1",
"status": "affected",
"version": "17.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "fusion",
"vendor": "vmware",
"versions": [
{
"lessThan": "13.5.1",
"status": "affected",
"version": "13.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "cloud_foundation",
"vendor": "vmware",
"versions": [
{
"lessThan": "6.0",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22253",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-06T19:27:18.749572Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T19:12:32.633Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware ESXi",
"vendor": "n/a",
"versions": [
{
"lessThan": "ESXi80U2sb-23305545",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi80U1d-23299997",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3p-23307199",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Workstation",
"vendor": "n/a",
"versions": [
{
"lessThan": "17.5.1",
"status": "affected",
"version": "17.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Fusion",
"vendor": "n/a",
"versions": [
{
"lessThan": "13.5.1",
"status": "affected",
"version": "13.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x"
},
{
"status": "affected",
"version": "4.x"
}
]
}
],
"datePublic": "2024-03-05T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller.\u0026nbsp;A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed."
}
],
"value": "VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller.\u00a0A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-05T17:57:42.445Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Use-after-free vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22253",
"datePublished": "2024-03-05T17:57:27.297Z",
"dateReserved": "2024-01-08T18:43:15.942Z",
"dateUpdated": "2024-08-16T19:12:32.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22040 (GCVE-0-2021-22040)
Vulnerability from cvelistv5
Published
2022-02-16 16:37
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use-after-free vulnerability
Summary
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi , Workstation, Fusion and VMware Cloud Foundation |
Version: VMware ESXi (7.0 U3 before ESXi70U3c-19193900, 7.0 U2 before ESXi70U2e-19290878, 7.0 U1 before ESXi70U1e-19324898, ESXi 6.7 before ESXi670-202111101-SG and ESXi 6.5 ESXi650-202202401-SG), Workstation (16.x before 16.2.1), Fusion (12.x before 12.2.1) and VMware Cloud Foundation (4.x before 4.4 and 3.x before 3.11) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:24.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi , Workstation, Fusion and VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware ESXi (7.0 U3 before ESXi70U3c-19193900, 7.0 U2 before ESXi70U2e-19290878, 7.0 U1 before ESXi70U1e-19324898, ESXi 6.7 before ESXi670-202111101-SG and ESXi 6.5 ESXi650-202202401-SG), Workstation (16.x before 16.2.1), Fusion (12.x before 12.2.1) and VMware Cloud Foundation (4.x before 4.4 and 3.x before 3.11)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-after-free vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T16:37:53",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22040",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi , Workstation, Fusion and VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware ESXi (7.0 U3 before ESXi70U3c-19193900, 7.0 U2 before ESXi70U2e-19290878, 7.0 U1 before ESXi70U1e-19324898, ESXi 6.7 before ESXi670-202111101-SG and ESXi 6.5 ESXi650-202202401-SG), Workstation (16.x before 16.2.1), Fusion (12.x before 12.2.1) and VMware Cloud Foundation (4.x before 4.4 and 3.x before 3.11)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use-after-free vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22040",
"datePublished": "2022-02-16T16:37:53",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:24.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22007 (GCVE-0-2021-22007)
Vulnerability from cvelistv5
Published
2021-09-23 11:41
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Local information disclosure vulnerability
Summary
The vCenter Server contains a local information disclosure vulnerability in the Analytics service. An authenticated user with non-administrative privilege may exploit this issue to gain access to sensitive information.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.607Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a local information disclosure vulnerability in the Analytics service. An authenticated user with non-administrative privilege may exploit this issue to gain access to sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Local information disclosure vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T11:41:21",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains a local information disclosure vulnerability in the Analytics service. An authenticated user with non-administrative privilege may exploit this issue to gain access to sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local information disclosure vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22007",
"datePublished": "2021-09-23T11:41:21",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.607Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22945 (GCVE-0-2022-22945)
Vulnerability from cvelistv5
Published
2022-02-16 16:38
Modified
2024-08-03 03:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- A CLI shell injection vulnerability affecting VMware NSX Edge
Summary
VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware NSX Edge |
Version: 6.4.10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0005.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware NSX Edge",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "6.4.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A CLI shell injection vulnerability affecting VMware NSX Edge",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T16:38:35",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0005.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2022-22945",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware NSX Edge",
"version": {
"version_data": [
{
"version_value": "6.4.10"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A CLI shell injection vulnerability affecting VMware NSX Edge"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0005.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0005.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22945",
"datePublished": "2022-02-16T16:38:35",
"dateReserved": "2022-01-10T00:00:00",
"dateUpdated": "2024-08-03T03:28:42.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3981 (GCVE-0-2020-3981)
Vulnerability from cvelistv5
Published
2020-10-20 16:08
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds read vulnerability
Summary
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi, Workstation, Fusion |
Version: VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi, Workstation, Fusion",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T16:08:56",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3981",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi, Workstation, Fusion",
"version": {
"version_data": [
{
"version_value": "VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds read vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3981",
"datePublished": "2020-10-20T16:08:56",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22003 (GCVE-0-2021-22003)
Vulnerability from cvelistv5
Published
2021-08-31 21:02
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information disclosure vulnerability
Summary
VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. A malicious actor with network access to port 7443 may attempt user enumeration or brute force the login endpoint, which may or may not be practical based on lockout policy configuration and password complexity for the target account.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workspace ONE Access and Identity Manager |
Version: Workspace ONE Access 20.10.01, 20.10 & 20.01. Identity Manager 3.3.5, 3.3.4, 3.3.3 & 3.3.2. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0016.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware Workspace ONE Access and Identity Manager",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Workspace ONE Access 20.10.01, 20.10 \u0026 20.01. Identity Manager 3.3.5, 3.3.4, 3.3.3 \u0026 3.3.2."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. A malicious actor with network access to port 7443 may attempt user enumeration or brute force the login endpoint, which may or may not be practical based on lockout policy configuration and password complexity for the target account."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-31T21:02:31",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0016.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware Workspace ONE Access and Identity Manager",
"version": {
"version_data": [
{
"version_value": "Workspace ONE Access 20.10.01, 20.10 \u0026 20.01. Identity Manager 3.3.5, 3.3.4, 3.3.3 \u0026 3.3.2."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. A malicious actor with network access to port 7443 may attempt user enumeration or brute force the login endpoint, which may or may not be practical based on lockout policy configuration and password complexity for the target account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0016.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0016.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22003",
"datePublished": "2021-08-31T21:02:31",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.694Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22021 (GCVE-0-2021-22021)
Vulnerability from cvelistv5
Published
2021-08-30 18:06
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross Site Scripting (XSS) vulnerability
Summary
VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation. An attacker with user privileges may be able to inject a malicious payload via the Log Insight UI which would be executed when the victim accesses the shared dashboard link.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vRealize Log Insight |
Version: VMware vRealize Log Insight (8.x prior to 8.4) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0019.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vRealize Log Insight",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vRealize Log Insight (8.x prior to 8.4)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation. An attacker with user privileges may be able to inject a malicious payload via the Log Insight UI which would be executed when the victim accesses the shared dashboard link."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross Site Scripting (XSS) vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-30T18:06:13",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0019.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22021",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vRealize Log Insight",
"version": {
"version_data": [
{
"version_value": "VMware vRealize Log Insight (8.x prior to 8.4)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation. An attacker with user privileges may be able to inject a malicious payload via the Log Insight UI which would be executed when the victim accesses the shared dashboard link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS) vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0019.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0019.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22021",
"datePublished": "2021-08-30T18:06:13",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.931Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22002 (GCVE-0-2021-22002)
Vulnerability from cvelistv5
Published
2021-08-31 21:02
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Host header vulnerability
Summary
VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header. A malicious actor with network access to port 443 could tamper with host headers to facilitate access to the /cfg web app, in addition a malicious actor could access /cfg diagnostic endpoints without authentication.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workspace ONE Access, Identity Manager and vRealize Automation |
Version: Workspace ONE Access 20.10.01, 20.10 & 20.01. Identity Manager 3.3.5, 3.3.4, 3.3.3 & 3.3.2. vRealize Automation (vIDM) 7.6. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0016.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware Workspace ONE Access, Identity Manager and vRealize Automation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Workspace ONE Access 20.10.01, 20.10 \u0026 20.01. Identity Manager 3.3.5, 3.3.4, 3.3.3 \u0026 3.3.2. vRealize Automation (vIDM) 7.6."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header. A malicious actor with network access to port 443 could tamper with host headers to facilitate access to the /cfg web app, in addition a malicious actor could access /cfg diagnostic endpoints without authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Host header vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-31T21:02:21",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0016.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware Workspace ONE Access, Identity Manager and vRealize Automation",
"version": {
"version_data": [
{
"version_value": "Workspace ONE Access 20.10.01, 20.10 \u0026 20.01. Identity Manager 3.3.5, 3.3.4, 3.3.3 \u0026 3.3.2. vRealize Automation (vIDM) 7.6."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header. A malicious actor with network access to port 443 could tamper with host headers to facilitate access to the /cfg web app, in addition a malicious actor could access /cfg diagnostic endpoints without authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Host header vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0016.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0016.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22002",
"datePublished": "2021-08-31T21:02:21",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37085 (GCVE-0-2024-37085)
Vulnerability from cvelistv5
Published
2024-06-25 14:16
Modified
2025-07-30 01:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Authentication bypass vulnerability
Summary
VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | VMware ESXi |
Version: 8.0 < ESXi80U3-24022510 Version: 7.0 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "esxi",
"vendor": "vmware",
"versions": [
{
"status": "affected",
"version": "7.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:cloud_foundation:5.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cloud_foundation",
"vendor": "vmware",
"versions": [
{
"lessThan": "5.2",
"status": "affected",
"version": "5.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cloud_foundation",
"vendor": "vmware",
"versions": [
{
"lessThan": "5.0",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:vmware:esxi:8.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "esxi",
"vendor": "vmware",
"versions": [
{
"lessThan": "ESXi80U3-24022510",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37085",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-31T03:55:22.790428Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-07-30",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-37085"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-305",
"description": "CWE-305 Authentication Bypass by Primary Weakness",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:37:00.475Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2024-07-30T00:00:00+00:00",
"value": "CVE-2024-37085 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware ESXi",
"vendor": "n/a",
"versions": [
{
"lessThan": "ESXi80U3-24022510",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "7.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x"
},
{
"status": "affected",
"version": "4.x"
}
]
}
],
"datePublic": "2024-06-25T01:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "VMware ESXi contains an authentication bypass vulnerability.\u0026nbsp;A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously\u003cstrong\u003e\u003cem\u003e \u003c/em\u003e\u003c/strong\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html\"\u003econfigured to use AD for user management\u003c/a\u003e\u003cstrong\u003e\u003cem\u003e \u003c/em\u003e\u003c/strong\u003eby re-creating the configured AD group (\u0027ESXi Admins\u0027 by default) after it was deleted from AD."
}
],
"value": "VMware ESXi contains an authentication bypass vulnerability.\u00a0A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group (\u0027ESXi Admins\u0027 by default) after it was deleted from AD."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T14:16:01.280Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-37085",
"datePublished": "2024-06-25T14:16:01.280Z",
"dateReserved": "2024-06-03T05:40:17.632Z",
"dateUpdated": "2025-07-30T01:37:00.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3993 (GCVE-0-2020-3993)
Vulnerability from cvelistv5
Published
2020-10-20 16:11
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- MITM vulnerability
Summary
VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0) contains a security vulnerability that exists in the way it allows a KVM host to download and install packages from NSX manager. A malicious actor with MITM positioning may be able to exploit this issue to compromise the transport node.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware NSX-T |
Version: VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.557Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware NSX-T",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0) contains a security vulnerability that exists in the way it allows a KVM host to download and install packages from NSX manager. A malicious actor with MITM positioning may be able to exploit this issue to compromise the transport node."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "MITM vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T16:11:19",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware NSX-T",
"version": {
"version_data": [
{
"version_value": "VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0) contains a security vulnerability that exists in the way it allows a KVM host to download and install packages from NSX manager. A malicious actor with MITM positioning may be able to exploit this issue to compromise the transport node."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "MITM vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3993",
"datePublished": "2020-10-20T16:11:19",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22957 (GCVE-0-2022-22957)
Vulnerability from cvelistv5
Published
2022-04-13 00:00
Modified
2025-02-13 16:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote code execution
Summary
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workspace ONE Access, Identity Manager and vRealize Automation. |
Version: Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware Workspace ONE Access, Identity Manager and vRealize Automation.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 \u0026 CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-18T19:06:16.134Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
},
{
"url": "http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html"
},
{
"url": "http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22957",
"datePublished": "2022-04-13T00:00:00.000Z",
"dateReserved": "2022-01-10T00:00:00.000Z",
"dateUpdated": "2025-02-13T16:28:58.209Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3971 (GCVE-0-2020-3971)
Vulnerability from cvelistv5
Published
2020-06-25 14:55
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap overflow vulnerability
Summary
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | VMware ESXi |
Version: 6.7 before ESXi670-201904101-SG Version: 6.5 before ESXi650-201907101-SG |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.7 before ESXi670-201904101-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-201907101-SG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "15.x before 15.0.2"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x before 11.0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-25T14:55:33",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3971",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "6.7 before ESXi670-201904101-SG"
},
{
"version_value": "6.5 before ESXi650-201907101-SG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.0.2"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.0.2"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3971",
"datePublished": "2020-06-25T14:55:33",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.541Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22042 (GCVE-0-2021-22042)
Vulnerability from cvelistv5
Published
2022-02-16 16:37
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Unauthorized access vulnerability
Summary
VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi and VMware Cloud Foundation |
Version: VMware ESXi(7.0 U3 before ESXi70U3c-19193900, 7.0 U2 before ESXi70U2e-19290878 and 7.0 U1 before ESXi70U1e-19324898) and VMware Cloud Foundation 4.x before 4.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi and VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware ESXi(7.0 U3 before ESXi70U3c-19193900, 7.0 U2 before ESXi70U2e-19290878 and 7.0 U1 before ESXi70U1e-19324898) and VMware Cloud Foundation 4.x before 4.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthorized access vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T16:37:54",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi and VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware ESXi(7.0 U3 before ESXi70U3c-19193900, 7.0 U2 before ESXi70U2e-19290878 and 7.0 U1 before ESXi70U1e-19324898) and VMware Cloud Foundation 4.x before 4.4"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthorized access vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22042",
"datePublished": "2022-02-16T16:37:54",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22222 (GCVE-0-2025-22222)
Vulnerability from cvelistv5
Published
2025-01-30 15:32
Modified
2025-03-13 14:47
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware Aria Operations contains an information disclosure vulnerability. A malicious user with non-administrative privileges may exploit this vulnerability to retrieve credentials for an outbound plugin if a valid service credential ID is known.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | VMware Aria Operations |
Version: 8.x |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22222",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T16:35:03.995156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-497",
"description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T14:47:01.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"any"
],
"product": "VMware Aria Operations",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.18.3",
"status": "affected",
"version": "8.x",
"versionType": "release"
}
]
}
],
"datePublic": "2025-01-30T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware Aria Operations contains an information disclosure vulnerability.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious user with non-administrative \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eprivileges\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;may exploit this vulnerability to retrieve credentials for an outbound plugin if a valid service credential ID is known.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware Aria Operations contains an information disclosure vulnerability.\u00a0A malicious user with non-administrative privileges\u00a0may exploit this vulnerability to retrieve credentials for an outbound plugin if a valid service credential ID is known."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T15:32:00.829Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25329"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMware Aria Operations information disclosure vulnerability (CVE-2025-22222)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-22222",
"datePublished": "2025-01-30T15:32:00.829Z",
"dateReserved": "2025-01-02T04:29:30.444Z",
"dateUpdated": "2025-03-13T14:47:01.654Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22011 (GCVE-0-2021-22011)
Vulnerability from cvelistv5
Published
2021-09-23 11:51
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Unauthenticated API endpoint vulnerability
Summary
vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server(7.x before 7.0.2 U2d, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3.1 and 3.x before 3.10.2.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0.2 U2d, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3.1 and 3.x before 3.10.2.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthenticated API endpoint vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T11:51:47",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0.2 U2d, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3.1 and 3.x before 3.10.2.2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthenticated API endpoint vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22011",
"datePublished": "2021-09-23T11:51:47",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.938Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22019 (GCVE-0-2021-22019)
Vulnerability from cvelistv5
Published
2021-09-23 12:16
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial of service vulnerability
Summary
The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T12:16:41",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22019",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22019",
"datePublished": "2021-09-23T12:16:41",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21986 (GCVE-0-2021-21986)
Vulnerability from cvelistv5
Published
2021-05-26 14:04
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Issue with Authentication mechanism
Summary
The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Server may perform actions allowed by the impacted plug-ins without authentication.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server and VMware Cloud Foundation |
Version: VMware vCenter Server (7.x before 7.0 U2b, 6.7 before 6.7 U3n, 6.5 before 6.5 U3p) and VMware Cloud Foundation (4.x before 4.2.1, 3.x before 3.10.2.1) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server and VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server (7.x before 7.0 U2b, 6.7 before 6.7 U3n, 6.5 before 6.5 U3p) and VMware Cloud Foundation (4.x before 4.2.1, 3.x before 3.10.2.1)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Server may perform actions allowed by the impacted plug-ins without authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Issue with Authentication mechanism",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-26T19:06:10",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-21986",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server and VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server (7.x before 7.0 U2b, 6.7 before 6.7 U3n, 6.5 before 6.5 U3p) and VMware Cloud Foundation (4.x before 4.2.1, 3.x before 3.10.2.1)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Server may perform actions allowed by the impacted plug-ins without authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Issue with Authentication mechanism"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"
},
{
"name": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-21986",
"datePublished": "2021-05-26T14:04:35",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37081 (GCVE-0-2024-37081)
Vulnerability from cvelistv5
Published
2024-06-18 05:43
Modified
2024-08-02 03:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Local privilege escalation vulnerability
Summary
The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | VMware vCenter Server |
Version: 8.0 < 8.0 U2d Version: 7.0 < 7.0 U3r |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vmware:cloud_foundation:4.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cloud_foundation",
"vendor": "vmware",
"versions": [
{
"lessThan": "6.0",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:vcenter_server:8.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "vcenter_server",
"vendor": "vmware",
"versions": [
{
"lessThan": "8.0u2d",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vcenter_server",
"vendor": "vmware",
"versions": [
{
"lessThan": "7.0u3r",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37081",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-18T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-556",
"description": "CWE-556 ASP.NET Misconfiguration: Use of Identity Impersonation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T03:55:32.280Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware vCenter Server",
"vendor": "n/a",
"versions": [
{
"lessThan": "8.0 U2d",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "7.0 U3r",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x"
},
{
"status": "affected",
"version": "4.x"
}
]
}
],
"datePublic": "2024-06-17T16:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u0026nbsp;\u003c/span\u003e\u003c/span\u003eAn authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Local privilege escalation vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-18T05:43:20.580Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-37081",
"datePublished": "2024-06-18T05:43:20.580Z",
"dateReserved": "2024-06-03T05:40:17.631Z",
"dateUpdated": "2024-08-02T03:43:50.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37087 (GCVE-0-2024-37087)
Vulnerability from cvelistv5
Published
2024-06-25 14:16
Modified
2024-10-31 13:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial-of-service vulnerability
Summary
The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may create a denial-of-service condition.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | vCenter Server |
Version: 8.0 < 8.0 U3 Version: 7.0 < 7.0 U3q |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37087",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-03T19:44:32.514057Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T13:19:28.741Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "vCenter Server",
"vendor": "n/a",
"versions": [
{
"lessThan": "8.0 U3",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "7.0 U3q",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x"
},
{
"status": "affected",
"version": "4.x"
}
]
}
],
"datePublic": "2024-06-25T01:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The vCenter Server contains a denial-of-service vulnerability.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eA malicious actor with network access to vCenter Server may create a denial-of-service condition.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "The vCenter Server contains a denial-of-service vulnerability.\u00a0A malicious actor with network access to vCenter Server may create a denial-of-service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial-of-service vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T14:16:13.273Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-37087",
"datePublished": "2024-06-25T14:16:13.273Z",
"dateReserved": "2024-06-03T05:40:17.632Z",
"dateUpdated": "2024-10-31T13:19:28.741Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22218 (GCVE-0-2025-22218)
Vulnerability from cvelistv5
Published
2025-01-30 14:23
Modified
2025-03-13 15:14
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware Aria Operations for Logs contains an information disclosure vulnerability. A malicious actor with View Only Admin permissions may be able to read the credentials of a VMware product integrated with VMware Aria Operations for Logs
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | VMware Aria Operations for Logs |
Version: 8.x |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22218",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T14:57:54.947928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209 Generation of Error Message Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T15:14:07.312Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"any"
],
"product": "VMware Aria Operations for Logs",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.18.3",
"status": "affected",
"version": "8.x",
"versionType": "release"
}
]
}
],
"datePublic": "2025-01-30T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware Aria Operations for Logs contains an information disclosure vulnerability.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with View Only Admin permissions may be able to read the \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecredentials\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;of a VMware product integrated with VMware Aria Operations for Logs\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware Aria Operations for Logs contains an information disclosure vulnerability.\u00a0A malicious actor with View Only Admin permissions may be able to read the credentials\u00a0of a VMware product integrated with VMware Aria Operations for Logs"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T14:23:01.810Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25329"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMware Aria Operations for Logs information disclosure vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-22218",
"datePublished": "2025-01-30T14:23:01.810Z",
"dateReserved": "2025-01-02T04:29:30.444Z",
"dateUpdated": "2025-03-13T15:14:07.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22016 (GCVE-0-2021-22016)
Vulnerability from cvelistv5
Published
2021-09-23 12:12
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Reflected XSS vulnerability
Summary
The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server 6.7 before 6.7 U3o and VMware Cloud Foundation 3.x before 3.10.2.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server 6.7 before 6.7 U3o and VMware Cloud Foundation 3.x before 3.10.2.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Reflected XSS vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T12:12:54",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22016",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server 6.7 before 6.7 U3o and VMware Cloud Foundation 3.x before 3.10.2.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Reflected XSS vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22016",
"datePublished": "2021-09-23T12:12:54",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22225 (GCVE-0-2025-22225)
Vulnerability from cvelistv5
Published
2025-03-04 11:56
Modified
2025-07-30 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Arbitrary write vulnerability
Summary
VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | VMware ESXi |
Version: 8.0 < ESXi80U3d-24585383 Version: 8.0 < ESXi80U2d-24585300 Version: 7.0 < ESXi70U3s-24585291 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22225",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T04:55:23.988843Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-03-04",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-22225"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-123",
"description": "CWE-123 Write-what-where Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:36:18.716Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2025-03-04T00:00:00+00:00",
"value": "CVE-2025-22225 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware ESXi",
"vendor": "n/a",
"versions": [
{
"lessThan": "ESXi80U3d-24585383",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi80U2d-24585300",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3s-24585291",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x, 4.5.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Telco Cloud Platform",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x, 4.x, 3.x, 2.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Telco Cloud Infrastructure",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.x, 2.x"
}
]
}
],
"datePublic": "2025-03-04T11:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi contains an \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003earbitrary write\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003evulnerability.\u0026nbsp;\u003c/span\u003eA malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware ESXi contains an arbitrary write\u00a0vulnerability.\u00a0A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary write vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-04T11:56:27.537Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-22225",
"datePublished": "2025-03-04T11:56:27.537Z",
"dateReserved": "2025-01-02T04:29:59.190Z",
"dateUpdated": "2025-07-30T01:36:18.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21973 (GCVE-0-2021-21973)
Vulnerability from cvelistv5
Published
2021-02-24 16:42
Modified
2025-07-30 01:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- SSRF vulnerability
Summary
The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information disclosure. This affects: VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | VMware vCenter Server |
Version: 7.x before 7.0 U1c Version: 6.7 before 6.7 U3l Version: 6.5 before 6.5 U3n |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.450Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-21973",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-16T16:16:46.429372Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-07",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21973"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:38:18.972Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2022-03-07T00:00:00+00:00",
"value": "CVE-2021-21973 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "7.x before 7.0 U1c"
},
{
"status": "affected",
"version": "6.7 before 6.7 U3l"
},
{
"status": "affected",
"version": "6.5 before 6.5 U3n"
}
]
},
{
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "4.x before 4.2"
},
{
"status": "affected",
"version": "3.x before 3.10.1.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information disclosure. This affects: VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SSRF vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-02-24T16:42:02.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-21973",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server",
"version": {
"version_data": [
{
"version_value": "7.x before 7.0 U1c"
},
{
"version_value": "6.7 before 6.7 U3l"
},
{
"version_value": "6.5 before 6.5 U3n"
}
]
}
},
{
"product_name": "VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "4.x before 4.2"
},
{
"version_value": "3.x before 3.10.1.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information disclosure. This affects: VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SSRF vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-21973",
"datePublished": "2021-02-24T16:42:02.000Z",
"dateReserved": "2021-01-04T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:38:18.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34063 (GCVE-0-2023-34063)
Vulnerability from cvelistv5
Published
2024-01-16 09:10
Modified
2025-06-20 17:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- VMware Aria Automation Missing Access Control Vulnerability
Summary
Aria Automation contains a Missing Access Control vulnerability.
An authenticated malicious actor may
exploit this vulnerability leading to unauthorized access to remote
organizations and workflows.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| N/A | VMware Aria Automation, VMware Cloud Foundation |
Version: Aria Automation 8.14.1, Aria Automation 8.14.0, Aria Automation 8.13.1, Aria Automation 8.13.0, Aria Automation 8.12.2, Aria Automation 8.12.1, Aria Automation 8.12.0, Aria Automation 8.11.2, Aria Automation 8.11.1, Aria Automation 8.11.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:53.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0001.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34063",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-16T20:17:51.196207Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T17:02:26.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware Aria Automation, VMware Cloud Foundation",
"vendor": "N/A",
"versions": [
{
"status": "affected",
"version": "Aria Automation 8.14.1, Aria Automation 8.14.0, Aria Automation 8.13.1, Aria Automation 8.13.0, Aria Automation 8.12.2, Aria Automation 8.12.1, Aria Automation 8.12.0, Aria Automation 8.11.2, Aria Automation 8.11.1, Aria Automation 8.11.0 "
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\nAria Automation contains a Missing Access Control vulnerability.\n\n\nAn authenticated malicious actor may \nexploit this vulnerability leading to unauthorized access to remote \norganizations and workflows.\n\n"
}
],
"value": "Aria Automation contains a Missing Access Control vulnerability.\n\n\nAn authenticated malicious actor may \nexploit this vulnerability leading to unauthorized access to remote \norganizations and workflows.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "VMware Aria Automation Missing Access Control Vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-16T09:10:09.738Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0001.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-34063",
"datePublished": "2024-01-16T09:10:09.738Z",
"dateReserved": "2023-05-25T17:21:56.204Z",
"dateUpdated": "2025-06-20T17:02:26.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-4004 (GCVE-0-2020-4004)
Vulnerability from cvelistv5
Published
2020-11-20 19:06
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use-after-free vulnerability
Summary
VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | VMware ESXi |
Version: 7.0 before ESXi70U1b-17168206 Version: 6.7 before ESXi670-202011101-SG Version: 6.5 before ESXi650-202011301-SG |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0026.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "7.0 before ESXi70U1b-17168206"
},
{
"status": "affected",
"version": "6.7 before ESXi670-202011101-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-202011301-SG"
}
]
},
{
"product": "Workstation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "15.x before 15.5.7"
}
]
},
{
"product": "Fusion",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "11.x before 11.5.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-after-free vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-20T19:06:28",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0026.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-4004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "7.0 before ESXi70U1b-17168206"
},
{
"version_value": "6.7 before ESXi670-202011101-SG"
},
{
"version_value": "6.5 before ESXi650-202011301-SG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.5.7"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.5.7"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use-after-free vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0026.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0026.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-4004",
"datePublished": "2020-11-20T19:06:28",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22220 (GCVE-0-2025-22220)
Vulnerability from cvelistv5
Published
2025-01-30 15:28
Modified
2025-02-06 14:06
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware Aria Operations for Logs contains a privilege escalation vulnerability. A malicious actor with non-administrative privileges and network access to Aria Operations for Logs API may be able to perform certain operations in the context of an admin user.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | VMware Aria Operations for Logs |
Version: 8.x |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22220",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-01T04:55:31.087566Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-06T14:06:04.836Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"any"
],
"product": "VMware Aria Operations for Logs",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.18.3",
"status": "affected",
"version": "8.x",
"versionType": "release"
}
]
}
],
"datePublic": "2025-01-30T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware Aria Operations for Logs contains a \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eprivilege escalation\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;vulnerability.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with non-administrative privileges and network access to Aria Operations for Logs API may be able to perform certain operations in the context of an admin user.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware Aria Operations for Logs contains a privilege escalation\u00a0vulnerability.\u00a0A malicious actor with non-administrative privileges and network access to Aria Operations for Logs API may be able to perform certain operations in the context of an admin user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T15:28:13.266Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25329"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMware Aria Operations for Logs broken access control vulnerability (CVE-2025-22220)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-22220",
"datePublished": "2025-01-30T15:28:13.266Z",
"dateReserved": "2025-01-02T04:29:30.444Z",
"dateUpdated": "2025-02-06T14:06:04.836Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22982 (GCVE-0-2022-22982)
Vulnerability from cvelistv5
Published
2022-07-13 18:18
Modified
2024-08-03 03:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Server-side request forgery vulnerability
Summary
The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server |
Version: VMware vCenter Server (7.0 before 7.0 U3f, 6.7 before 6.7 U3r & 6.5 before 6.5 U3t) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.512Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server (7.0 before 7.0 U3f, 6.7 before 6.7 U3r \u0026 6.5 before 6.5 U3t)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Server-side request forgery vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-13T18:18:58",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0018.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2022-22982",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server (7.0 before 7.0 U3f, 6.7 before 6.7 U3r \u0026 6.5 before 6.5 U3t)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Server-side request forgery vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0018.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0018.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22982",
"datePublished": "2022-07-13T18:18:58",
"dateReserved": "2022-01-10T00:00:00",
"dateUpdated": "2024-08-03T03:28:42.512Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3970 (GCVE-0-2020-3970)
Vulnerability from cvelistv5
Published
2020-06-25 14:37
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds read vulnerability
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in the Shader functionality. A malicious actor with non-administrative local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to crash the virtual machine's vmx process leading to a partial denial of service condition.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | VMware ESXi |
Version: 7.0 before ESXi_7.0.0-1.20.16321839 Version: 6.7 before ESXi670-202004101-SG Version: 6.5 before ESXi650-202005401-SG |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-782/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"status": "affected",
"version": "6.7 before ESXi670-202004101-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-202005401-SG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "15.x before 15.5.5"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x before 11.5.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in the Shader functionality. A malicious actor with non-administrative local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to crash the virtual machine\u0027s vmx process leading to a partial denial of service condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-30T15:06:01",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-782/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"version_value": "6.7 before ESXi670-202004101-SG"
},
{
"version_value": "6.5 before ESXi650-202005401-SG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.5.5"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.5.5"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in the Shader functionality. A malicious actor with non-administrative local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to crash the virtual machine\u0027s vmx process leading to a partial denial of service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds read vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-782/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-782/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3970",
"datePublished": "2020-06-25T14:37:44",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-16919 (GCVE-0-2019-16919)
Vulnerability from cvelistv5
Published
2019-10-18 11:59
Modified
2024-08-05 01:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Harbor API has a Broken Access Control vulnerability. The vulnerability allows project administrators to use the Harbor API to create a robot account with unauthorized push and/or pull access permissions to a project they don't have access or control for. The Harbor API did not enforce the proper project permissions and project scope on the API request to create a new robot account.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:24:48.630Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://landscape.cncf.io/selected=harbor"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2019-0016.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/goharbor/harbor/security/advisories/GHSA-x2r2-w9c7-h624"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Harbor API has a Broken Access Control vulnerability. The vulnerability allows project administrators to use the Harbor API to create a robot account with unauthorized push and/or pull access permissions to a project they don\u0027t have access or control for. The Harbor API did not enforce the proper project permissions and project scope on the API request to create a new robot account."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-18T12:00:13",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://landscape.cncf.io/selected=harbor"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2019-0016.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/goharbor/harbor/security/advisories/GHSA-x2r2-w9c7-h624"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16919",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Harbor API has a Broken Access Control vulnerability. The vulnerability allows project administrators to use the Harbor API to create a robot account with unauthorized push and/or pull access permissions to a project they don\u0027t have access or control for. The Harbor API did not enforce the proper project permissions and project scope on the API request to create a new robot account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://landscape.cncf.io/selected=harbor",
"refsource": "MISC",
"url": "https://landscape.cncf.io/selected=harbor"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2019-0016.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2019-0016.html"
},
{
"name": "https://github.com/goharbor/harbor/security/advisories/GHSA-x2r2-w9c7-h624",
"refsource": "MISC",
"url": "https://github.com/goharbor/harbor/security/advisories/GHSA-x2r2-w9c7-h624"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-16919",
"datePublished": "2019-10-18T11:59:57",
"dateReserved": "2019-09-26T00:00:00",
"dateUpdated": "2024-08-05T01:24:48.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22015 (GCVE-0-2021-22015)
Vulnerability from cvelistv5
Published
2021-09-23 00:00
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Multiple local privilege escalation vulnerabilities
Summary
The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.928Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/170116/VMware-vCenter-vScalation-Privilege-Escalation.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Multiple local privilege escalation vulnerabilities",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-06T00:00:00",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"url": "http://packetstormsecurity.com/files/170116/VMware-vCenter-vScalation-Privilege-Escalation.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22015",
"datePublished": "2021-09-23T00:00:00",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22254 (GCVE-0-2024-22254)
Vulnerability from cvelistv5
Published
2024-03-05 17:58
Modified
2024-08-14 18:53
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | VMware ESXi |
Version: 8.0 < ESXi80U2sb-23305545 Version: 8.0 < ESXi80U1d-23299997 Version: 7.0 < ESXi70U3p-23307199 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vmware:vmware_esxi:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "vmware_esxi",
"vendor": "vmware",
"versions": [
{
"lessThan": "ESXi80U2sb-23305545",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi80U1d-23299997",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3p-23307199",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:broadcom:vmware_cloud_foundation:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "vmware_cloud_foundation",
"vendor": "broadcom",
"versions": [
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "4.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22254",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T18:20:04.440392Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T18:53:20.387Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:33.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware ESXi",
"vendor": "n/a",
"versions": [
{
"lessThan": "ESXi80U2sb-23305545",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi80U1d-23299997",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3p-23307199",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x"
},
{
"status": "affected",
"version": "4.x"
}
]
}
],
"datePublic": "2024-03-05T04:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "VMware ESXi contains an out-of-bounds write vulnerability.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eA malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.\u003c/span\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "VMware ESXi contains an out-of-bounds write vulnerability.\u00a0A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-05T17:59:53.114Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Out-of-bounds write vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22254",
"datePublished": "2024-03-05T17:58:24.341Z",
"dateReserved": "2024-01-08T18:43:15.942Z",
"dateUpdated": "2024-08-14T18:53:20.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22041 (GCVE-0-2021-22041)
Vulnerability from cvelistv5
Published
2022-02-16 16:37
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Double-fetch vulnerability
Summary
VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi , Workstation, Fusion and VMware Cloud Foundation |
Version: VMware ESXi (7.0 U3 before ESXi70U3c-19193900, 7.0 U2 before ESXi70U2e-19290878, 7.0 U1 before ESXi70U1e-19324898, ESXi 6.7 before ESXi670-202111101-SG and ESXi 6.5 ESXi650-202202401-SG), Workstation (16.x before 16.2.1), Fusion (12.x before 12.2.1) and VMware Cloud Foundation (4.x before 4.4 and 3.x before 3.11) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi , Workstation, Fusion and VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware ESXi (7.0 U3 before ESXi70U3c-19193900, 7.0 U2 before ESXi70U2e-19290878, 7.0 U1 before ESXi70U1e-19324898, ESXi 6.7 before ESXi670-202111101-SG and ESXi 6.5 ESXi650-202202401-SG), Workstation (16.x before 16.2.1), Fusion (12.x before 12.2.1) and VMware Cloud Foundation (4.x before 4.4 and 3.x before 3.11)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Double-fetch vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T16:37:54",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22041",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi , Workstation, Fusion and VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware ESXi (7.0 U3 before ESXi70U3c-19193900, 7.0 U2 before ESXi70U2e-19290878, 7.0 U1 before ESXi70U1e-19324898, ESXi 6.7 before ESXi670-202111101-SG and ESXi 6.5 ESXi650-202202401-SG), Workstation (16.x before 16.2.1), Fusion (12.x before 12.2.1) and VMware Cloud Foundation (4.x before 4.4 and 3.x before 3.11)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Double-fetch vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22041",
"datePublished": "2022-02-16T16:37:54",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3969 (GCVE-0-2020-3969)
Vulnerability from cvelistv5
Published
2020-06-24 16:00
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-overflow vulnerability
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | VMware ESXi |
Version: 7.0 before ESXi_7.0.0-1.20.16321839 Version: 6.7 before ESXi670-202004101-SG Version: 6.5 before ESXi650-202005401-SG |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.611Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-786/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"status": "affected",
"version": "6.7 before ESXi670-202004101-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-202005401-SG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "15.x before 15.5.5"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x before 11.5.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker\u0027s control must be present for exploitation to be possible."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-30T15:06:04",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-786/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3969",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"version_value": "6.7 before ESXi670-202004101-SG"
},
{
"version_value": "6.5 before ESXi650-202005401-SG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.5.5"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.5.5"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker\u0027s control must be present for exploitation to be possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-786/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-786/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3969",
"datePublished": "2020-06-24T16:00:46",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.611Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22020 (GCVE-0-2021-22020)
Vulnerability from cvelistv5
Published
2021-09-23 12:16
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial of service vulnerability
Summary
The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.941Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T12:16:47",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22020",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22020",
"datePublished": "2021-09-23T12:16:47",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.941Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38833 (GCVE-0-2024-38833)
Vulnerability from cvelistv5
Published
2024-11-26 11:54
Modified
2024-12-06 20:04
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | VMware Aria Operations |
Version: 8.x |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38833",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T14:01:27.917179Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T20:04:41.237Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Any"
],
"product": "VMware Aria Operations",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.18.2",
"status": "affected",
"version": "8.x",
"versionType": "proprietary"
}
]
}
],
"datePublic": "2024-11-26T11:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware Aria Operations contains a stored cross-site scripting vulnerability.\u0026nbsp;\u003c/span\u003eA malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware Aria Operations contains a stored cross-site scripting vulnerability.\u00a0A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T11:54:54.847Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25199"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stored cross-site scripting vulnerability (CVE-2024-38833)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-38833",
"datePublished": "2024-11-26T11:54:54.847Z",
"dateReserved": "2024-06-19T22:32:07.790Z",
"dateUpdated": "2024-12-06T20:04:41.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38830 (GCVE-0-2024-38830)
Vulnerability from cvelistv5
Published
2024-11-26 11:49
Modified
2025-02-10 22:19
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | VMware Aria Operations |
Version: 8.x |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vmware:aria_operations:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "aria_operations",
"vendor": "vmware",
"versions": [
{
"lessThan": "8.18.2",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38830",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T15:06:38.470450Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-10T22:19:20.956Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Any"
],
"product": "VMware Aria Operations",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.18.2",
"status": "affected",
"version": "8.x",
"versionType": "proprietary"
}
]
}
],
"datePublic": "2024-11-26T11:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware Aria Operations contains a local privilege escalation vulnerability.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware Aria Operations contains a local privilege escalation vulnerability.\u00a0A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T11:49:16.781Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25199"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Local privilege escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-38830",
"datePublished": "2024-11-26T11:49:16.781Z",
"dateReserved": "2024-06-19T22:32:07.790Z",
"dateUpdated": "2025-02-10T22:19:20.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21983 (GCVE-0-2021-21983)
Vulnerability from cvelistv5
Published
2021-03-31 17:50
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Arbitrary file write vulnerability
Summary
Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vRealize Operations |
Version: VMware vRealize Operations prior to 8.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.722Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0004.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vRealize Operations",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vRealize Operations prior to 8.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary file write vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-27T16:08:34",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0004.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-21983",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vRealize Operations",
"version": {
"version_data": [
{
"version_value": "VMware vRealize Operations prior to 8.4"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary file write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0004.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0004.html"
},
{
"name": "http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-21983",
"datePublished": "2021-03-31T17:50:36",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.722Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20884 (GCVE-0-2023-20884)
Vulnerability from cvelistv5
Published
2023-05-30 15:05
Modified
2025-01-10 18:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Insecure Redirect Vulnerability
Summary
VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware Cloud Foundation (Cloud Foundation) |
Version: Workspace ONE Access 22.09.1.0, Workspace ONE Access 22.09.0.0, Workspace ONE Access 21.08.x, VMware Identity Manager 3.3.7, VMware Identity Manager 3.3.6 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:21:32.910Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0011.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20884",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T18:58:05.456797Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T18:58:11.000Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware Cloud Foundation (Cloud Foundation)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Workspace ONE Access 22.09.1.0, Workspace ONE Access 22.09.0.0, Workspace ONE Access 21.08.x, VMware Identity Manager 3.3.7, VMware Identity Manager 3.3.6"
}
]
}
],
"datePublic": "2023-05-30T15:05:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability.\u0026nbsp;An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure."
}
],
"value": "VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability.\u00a0An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insecure Redirect Vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-30T15:06:05.576Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0011.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-20884",
"datePublished": "2023-05-30T15:05:53.284Z",
"dateReserved": "2022-11-01T15:41:50.393Z",
"dateUpdated": "2025-01-10T18:58:11.000Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3964 (GCVE-0-2020-3964)
Vulnerability from cvelistv5
Published
2020-06-25 14:51
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Leak
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the EHCI USB controller. A malicious actor with local access to a virtual machine may be able to read privileged information contained in the hypervisor's memory. Additional conditions beyond the attacker's control need to be present for exploitation to be possible.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | VMware ESXi |
Version: 7.0 before ESXi_7.0.0-1.20.16321839 Version: 6.7 before ESXi670-202006401-SG Version: 6.5 before ESXi650-202005401-SG |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"name": "20200717 VMware ESXi: Multiple vulnerabilities [CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3960]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Jul/22"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"status": "affected",
"version": "6.7 before ESXi670-202006401-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-202005401-SG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "15.x before 15.5.2"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x before 11.5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the EHCI USB controller. A malicious actor with local access to a virtual machine may be able to read privileged information contained in the hypervisor\u0027s memory. Additional conditions beyond the attacker\u0027s control need to be present for exploitation to be possible."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-17T20:06:10",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"name": "20200717 VMware ESXi: Multiple vulnerabilities [CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3960]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Jul/22"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"version_value": "6.7 before ESXi670-202006401-SG"
},
{
"version_value": "6.5 before ESXi650-202005401-SG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.5.2"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.5.2"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the EHCI USB controller. A malicious actor with local access to a virtual machine may be able to read privileged information contained in the hypervisor\u0027s memory. Additional conditions beyond the attacker\u0027s control need to be present for exploitation to be possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"name": "20200717 VMware ESXi: Multiple vulnerabilities [CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3960]",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Jul/22"
},
{
"name": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3964",
"datePublished": "2020-06-25T14:51:48",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37086 (GCVE-0-2024-37086)
Vulnerability from cvelistv5
Published
2024-06-25 14:16
Modified
2024-11-12 17:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds read vulnerability
Summary
VMware ESXi contains an out-of-bounds read vulnerability. A
malicious actor with local administrative privileges on a virtual
machine with an existing snapshot may trigger an out-of-bounds read
leading to a denial-of-service condition of the host.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | ESXi |
Version: 8.0 < ESXi80U3-24022510 Version: 7.0 < ESXi70U3sq-23794019 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37086",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T18:43:16.105928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T17:16:57.986Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:51.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ESXi",
"vendor": "n/a",
"versions": [
{
"lessThan": "ESXi80U3-24022510",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3sq-23794019",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x"
},
{
"status": "affected",
"version": "4.x"
}
]
}
],
"datePublic": "2024-06-25T01:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "VMware ESXi contains an out-of-bounds read vulnerability.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eA\n malicious actor with local administrative privileges on a virtual \nmachine with an existing snapshot may trigger an out-of-bounds read \nleading to a denial-of-service condition of the host.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "VMware ESXi contains an out-of-bounds read vulnerability.\u00a0A\n malicious actor with local administrative privileges on a virtual \nmachine with an existing snapshot may trigger an out-of-bounds read \nleading to a denial-of-service condition of the host."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds read vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T14:16:08.233Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-37086",
"datePublished": "2024-06-25T14:16:08.233Z",
"dateReserved": "2024-06-03T05:40:17.632Z",
"dateUpdated": "2024-11-12T17:16:57.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22014 (GCVE-0-2021-22014)
Vulnerability from cvelistv5
Published
2021-09-23 11:59
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Authenticated code execution vulnerability
Summary
The vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter Server.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.894Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter Server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authenticated code execution vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T11:59:00",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22014",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter Server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authenticated code execution vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22014",
"datePublished": "2021-09-23T11:59:00",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22022 (GCVE-0-2021-22022)
Vulnerability from cvelistv5
Published
2021-08-30 17:53
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Arbitrary file read vulnerability
Summary
The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary file read vulnerability. A malicious actor with administrative access to vRealize Operations Manager API can read any arbitrary file on server leading to information disclosure.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vRealize Operations |
Version: VMware vRealize Operations (8.x prior to 8.5) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:24.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vRealize Operations",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vRealize Operations (8.x prior to 8.5)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary file read vulnerability. A malicious actor with administrative access to vRealize Operations Manager API can read any arbitrary file on server leading to information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary file read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-30T17:53:32",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22022",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vRealize Operations",
"version": {
"version_data": [
{
"version_value": "VMware vRealize Operations (8.x prior to 8.5)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary file read vulnerability. A malicious actor with administrative access to vRealize Operations Manager API can read any arbitrary file on server leading to information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary file read vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22022",
"datePublished": "2021-08-30T17:53:32",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:24.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22243 (GCVE-0-2025-22243)
Vulnerability from cvelistv5
Published
2025-06-04 19:31
Modified
2025-06-04 20:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Stored Cross-Site Scripting (XSS) vulnerability in Manager-UI
Summary
VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper input validation.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | VMware NSX |
Version: VMware NSX 4.0.x, VMware NSX 4.1.x, VMware NSX 4.2.x |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22243",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-04T20:03:44.753365Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T20:04:02.081Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware NSX",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "VMware NSX 4.0.x, VMware NSX 4.1.x, VMware NSX 4.2.x"
}
]
}
],
"datePublic": "2025-06-04T19:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper input validation.\u003c/span\u003e"
}
],
"value": "VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper input validation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stored Cross-Site Scripting (XSS) vulnerability in Manager-UI",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T19:31:36.548Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25738"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-22243",
"datePublished": "2025-06-04T19:31:36.548Z",
"dateReserved": "2025-01-02T04:30:06.833Z",
"dateUpdated": "2025-06-04T20:04:02.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22275 (GCVE-0-2024-22275)
Vulnerability from cvelistv5
Published
2024-05-21 17:29
Modified
2025-03-27 19:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Partial file read vulnerability
Summary
The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | VMware vCenter Server |
Version: 8.0 < 8.0 U2b Version: 7.0 < 7.0 U3q |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22275",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-21T19:06:55.459940Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T19:25:13.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.230Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware vCenter Server",
"vendor": "n/a",
"versions": [
{
"lessThan": "8.0 U2b",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "7.0 U3q",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation (vCenter Server)",
"vendor": "n/a",
"versions": [
{
"lessThan": "5.1.1",
"status": "affected",
"version": "5.x",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vCenter Server contains a partial file read vulnerability.\u0026nbsp;\u003c/span\u003eA malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "The vCenter Server contains a partial file read vulnerability.\u00a0A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Partial file read vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-21T17:29:45.562Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22275",
"datePublished": "2024-05-21T17:29:45.562Z",
"dateReserved": "2024-01-08T18:43:18.958Z",
"dateUpdated": "2025-03-27T19:25:13.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-4005 (GCVE-0-2020-4005)
Vulnerability from cvelistv5
Published
2020-11-20 19:06
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Privilege escalation vulnerability
Summary
VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. A malicious actor with privileges within the VMX process only, may escalate their privileges on the affected system. Successful exploitation of this issue is only possible when chained with another vulnerability (e.g. CVE-2020-4004)
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi |
Version: 7.0 before ESXi70U1b-17168206 Version: 6.7 before ESXi670-202011101-SG Version: 6.5 before ESXi650-202011301-SG |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0026.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "7.0 before ESXi70U1b-17168206"
},
{
"status": "affected",
"version": "6.7 before ESXi670-202011101-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-202011301-SG"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. A malicious actor with privileges within the VMX process only, may escalate their privileges on the affected system. Successful exploitation of this issue is only possible when chained with another vulnerability (e.g. CVE-2020-4004)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege escalation vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-20T19:06:25",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0026.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-4005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "7.0 before ESXi70U1b-17168206"
},
{
"version_value": "6.7 before ESXi670-202011101-SG"
},
{
"version_value": "6.5 before ESXi650-202011301-SG"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. A malicious actor with privileges within the VMX process only, may escalate their privileges on the affected system. Successful exploitation of this issue is only possible when chained with another vulnerability (e.g. CVE-2020-4004)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0026.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0026.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-4005",
"datePublished": "2020-11-20T19:06:25",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21995 (GCVE-0-2021-21995)
Vulnerability from cvelistv5
Published
2021-07-13 18:05
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Authentication bypass vulnerability
Summary
OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-service condition.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi and VMware Cloud Foundation |
Version: VMware ESXi(7.0 before ESXi70U2-17630552, 6.7 before ESXi670-202103101-SG, 6.5 before ESXi650-202107401-SG) and VMware Cloud Foundation (4.x, 3.x before 3.10.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.592Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0014.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi and VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware ESXi(7.0 before ESXi70U2-17630552, 6.7 before ESXi670-202103101-SG, 6.5 before ESXi650-202107401-SG) and VMware Cloud Foundation (4.x, 3.x before 3.10.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-service condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-13T18:05:49",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0014.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-21995",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi and VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware ESXi(7.0 before ESXi70U2-17630552, 6.7 before ESXi670-202103101-SG, 6.5 before ESXi650-202107401-SG) and VMware Cloud Foundation (4.x, 3.x before 3.10.2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0014.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0014.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-21995",
"datePublished": "2021-07-13T18:05:49",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3976 (GCVE-0-2020-3976)
Vulnerability from cvelistv5
Published
2020-08-21 12:37
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Partial denial of service
Summary
VMware ESXi and vCenter Server contain a partial denial of service vulnerability in their respective authentication services. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | ESXi, vCenter Server, and Cloud Foundation |
Version: ESXi 7.0, 6.7, 6.5, vCenter Server 7.0, 6.7, 6.5, and Cloud Foundation 4.x.x, and 3.x.x release lines. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi, vCenter Server, and Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "ESXi 7.0, 6.7, 6.5, vCenter Server 7.0, 6.7, 6.5, and Cloud Foundation 4.x.x, and 3.x.x release lines."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi and vCenter Server contain a partial denial of service vulnerability in their respective authentication services. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Partial denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-21T12:37:34",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0018.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3976",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi, vCenter Server, and Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "ESXi 7.0, 6.7, 6.5, vCenter Server 7.0, 6.7, 6.5, and Cloud Foundation 4.x.x, and 3.x.x release lines."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi and vCenter Server contain a partial denial of service vulnerability in their respective authentication services. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Partial denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0018.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0018.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3976",
"datePublished": "2020-08-21T12:37:34",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22005 (GCVE-0-2021-22005)
Vulnerability from cvelistv5
Published
2021-09-23 11:37
Modified
2025-07-30 01:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- File upload vulnerability
Summary
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.824Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164439/VMware-vCenter-Server-Analytics-CEIP-Service-File-Upload.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-22005",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T17:56:00.835980Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22005"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:37:58.034Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2021-22005 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "File upload vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-07T15:06:27.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/164439/VMware-vCenter-Server-Analytics-CEIP-Service-File-Upload.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "File upload vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"name": "http://packetstormsecurity.com/files/164439/VMware-vCenter-Server-Analytics-CEIP-Service-File-Upload.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/164439/VMware-vCenter-Server-Analytics-CEIP-Service-File-Upload.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22005",
"datePublished": "2021-09-23T11:37:30.000Z",
"dateReserved": "2021-01-04T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:37:58.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22048 (GCVE-0-2021-22048)
Vulnerability from cvelistv5
Published
2021-11-10 17:50
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Privilege escalation vulnerability
Summary
The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server and VMware Cloud Foundation |
Version: VMware vCenter Server(7.0 and 6.7) and VMware Cloud Foundation (4.x and 3.x) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0025.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167733/VMware-Security-Advisory-2022-0025.2.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167795/VMware-Security-Advisory-2021-0025.3.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server and VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.0 and 6.7) and VMware Cloud Foundation (4.x and 3.x)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege escalation vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-25T17:06:14",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0025.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167733/VMware-Security-Advisory-2022-0025.2.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167795/VMware-Security-Advisory-2021-0025.3.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22048",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server and VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.0 and 6.7) and VMware Cloud Foundation (4.x and 3.x)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0025.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0025.html"
},
{
"name": "http://packetstormsecurity.com/files/167733/VMware-Security-Advisory-2022-0025.2.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167733/VMware-Security-Advisory-2022-0025.2.html"
},
{
"name": "http://packetstormsecurity.com/files/167795/VMware-Security-Advisory-2021-0025.3.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167795/VMware-Security-Advisory-2021-0025.3.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22048",
"datePublished": "2021-11-10T17:50:53",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22958 (GCVE-0-2022-22958)
Vulnerability from cvelistv5
Published
2022-04-13 17:05
Modified
2024-08-03 03:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote code execution
Summary
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workspace ONE Access, Identity Manager and vRealize Automation. |
Version: Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware Workspace ONE Access, Identity Manager and vRealize Automation.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 \u0026 CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-13T17:05:58",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2022-22958",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware Workspace ONE Access, Identity Manager and vRealize Automation.",
"version": {
"version_data": [
{
"version_value": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 \u0026 CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22958",
"datePublished": "2022-04-13T17:05:58",
"dateReserved": "2022-01-10T00:00:00",
"dateUpdated": "2024-08-03T03:28:42.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22224 (GCVE-0-2025-22224)
Vulnerability from cvelistv5
Published
2025-03-04 11:56
Modified
2025-07-30 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-overflow vulnerability
Summary
VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | ESXi |
Version: 8.0 < ESXi80U3d-24585383 Version: 8.0 < ESXi80U2d-24585300 Version: 7.0 < ESXi70U3s-24585291 |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22224",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T04:55:22.499570Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-03-04",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-22224"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:36:18.856Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2025-03-04T00:00:00+00:00",
"value": "CVE-2025-22224 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"lessThan": "ESXi80U3d-24585383",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi80U2d-24585300",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3s-24585291",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux"
],
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"lessThan": "17.6.3",
"status": "affected",
"version": "17.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.5.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Platform",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.x, 3.x, 2.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Infrastructure",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "3.x, 2.x"
}
]
}
],
"datePublic": "2025-03-04T11:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi, and Workstation\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write.\u0026nbsp;\u003c/span\u003eA malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware ESXi, and Workstation\u00a0contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write.\u00a0A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-overflow vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T14:39:46.987Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-22224",
"datePublished": "2025-03-04T11:56:12.317Z",
"dateReserved": "2025-01-02T04:29:30.445Z",
"dateUpdated": "2025-07-30T01:36:18.856Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-4006 (GCVE-0-2020-4006)
Vulnerability from cvelistv5
Published
2020-11-23 21:22
Modified
2025-07-30 01:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Command Injection
Summary
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.426Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/724367"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0027.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-4006",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T15:35:26.673844Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-4006"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:45:31.504Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2020-4006 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware Workspace One Access (Access), VMware Workspace One Access Connector (Access Connector), VMware Identity Manager (vIDM), VMware Identity Manager Connector (vIDM Connector), VMware Cloud Foundation, vRealize Suite Lifecycle Manager",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Multiple"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-23T21:22:40.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0027.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-4006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware Workspace One Access (Access), VMware Workspace One Access Connector (Access Connector), VMware Identity Manager (vIDM), VMware Identity Manager Connector (vIDM Connector), VMware Cloud Foundation, vRealize Suite Lifecycle Manager",
"version": {
"version_data": [
{
"version_value": "Multiple"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0027.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0027.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-4006",
"datePublished": "2020-11-23T21:22:40.000Z",
"dateReserved": "2019-12-30T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:45:31.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22006 (GCVE-0-2021-22006)
Vulnerability from cvelistv5
Published
2021-09-23 11:41
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Reverse proxy bypass vulnerability
Summary
The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.679Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Reverse proxy bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T11:41:13",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Reverse proxy bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22006",
"datePublished": "2021-09-23T11:41:13",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31699 (GCVE-0-2022-31699)
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2025-04-22 15:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap overflow issues via vulnerability
Summary
VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi, VMware Cloud Foundation |
Version: VMware ESXi (7.0 prior to ESXi70U3si-20841705, 6.7 prior to ESXi670-202210101-SG, 6.5 prior to ESXi650-202210101-SG), VMware Cloud Foundation (4.x, 3.x) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:00.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-31699",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T15:47:07.081003Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T15:47:15.962Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware ESXi (7.0 prior to ESXi70U3si-20841705, 6.7 prior to ESXi670-202210101-SG, 6.5 prior to ESXi650-202210101-SG), VMware Cloud Foundation (4.x, 3.x)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap overflow issues via vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-31699",
"datePublished": "2022-12-13T00:00:00.000Z",
"dateReserved": "2022-05-25T00:00:00.000Z",
"dateUpdated": "2025-04-22T15:47:15.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3994 (GCVE-0-2020-3994)
Vulnerability from cvelistv5
Published
2020-10-20 16:14
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Session hijack vulnerability
Summary
VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server and an update repository may be able to perform a session hijack when the vCenter Server Appliance Management Interface is used to download vCenter updates.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | vCenter Server |
Version: vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.505Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "vCenter Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server and an update repository may be able to perform a session hijack when the vCenter Server Appliance Management Interface is used to download vCenter updates."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Session hijack vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T16:14:24",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3994",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "vCenter Server",
"version": {
"version_data": [
{
"version_value": "vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server and an update repository may be able to perform a session hijack when the vCenter Server Appliance Management Interface is used to download vCenter updates."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Session hijack vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3994",
"datePublished": "2020-10-20T16:14:24",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.505Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22026 (GCVE-0-2021-22026)
Vulnerability from cvelistv5
Published
2021-08-30 17:54
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Server Side Request Forgery
Summary
The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vRealize Operations |
Version: VMware vRealize Operations (8.x prior to 8.5) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.964Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vRealize Operations",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vRealize Operations (8.x prior to 8.5)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Server Side Request Forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-30T17:54:40",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vRealize Operations",
"version": {
"version_data": [
{
"version_value": "VMware vRealize Operations (8.x prior to 8.5)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Server Side Request Forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22026",
"datePublished": "2021-08-30T17:54:40",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31681 (GCVE-0-2022-31681)
Vulnerability from cvelistv5
Published
2022-10-07 00:00
Modified
2024-08-03 07:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Null-pointer dereference vulnerability
Summary
VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi |
Version: VMware ESXi (7.0 prior to ESXi70U3sf-20036586, 6.7 prior to ESXi670-202210101-SG & 6.5 prior to ESXi650-202210101-SG) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0025.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware ESXi (7.0 prior to ESXi70U3sf-20036586, 6.7 prior to ESXi670-202210101-SG \u0026 6.5 prior to ESXi650-202210101-SG)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Null-pointer dereference vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0025.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-31681",
"datePublished": "2022-10-07T00:00:00",
"dateReserved": "2022-05-25T00:00:00",
"dateUpdated": "2024-08-03T07:26:01.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22219 (GCVE-0-2025-22219)
Vulnerability from cvelistv5
Published
2025-01-30 15:26
Modified
2025-03-13 18:03
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability. A malicious actor with non-administrative privileges may be able to inject a malicious script that (can perform stored cross-site scripting) may lead to arbitrary operations as admin user.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | VMware Aria Operations for Logs |
Version: 8.x |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22219",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T16:40:57.756199Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T18:03:28.501Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"any"
],
"product": "VMware Aria Operations for Logs",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.18.3",
"status": "affected",
"version": "8.x",
"versionType": "release"
}
]
}
],
"datePublic": "2025-01-30T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware Aria Operations for Logs contains a stored cross-site scripting vulnerability.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with non-administrative privileges may be able to inject a malicious script that (can perform stored cross-site scripting) may lead to arbitrary operations as admin\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;user\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability.\u00a0A malicious actor with non-administrative privileges may be able to inject a malicious script that (can perform stored cross-site scripting) may lead to arbitrary operations as admin\u00a0user."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T15:26:16.027Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25329"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMware Aria Operations for Logs stored cross-site scripting vulnerability (CVE-2025-22219)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-22219",
"datePublished": "2025-01-30T15:26:16.027Z",
"dateReserved": "2025-01-02T04:29:30.444Z",
"dateUpdated": "2025-03-13T18:03:28.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3967 (GCVE-0-2020-3967)
Vulnerability from cvelistv5
Published
2020-06-25 14:39
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-overflow vulnerability
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a heap-overflow vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | VMware ESXi |
Version: 7.0 before ESXi_7.0.0-1.20.16321839 Version: 6.7 before ESXi670-202004101-SG Version: 6.5 before ESXi650-202005401-SG |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-784/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"status": "affected",
"version": "6.7 before ESXi670-202004101-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-202005401-SG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "15.x before 15.5.5"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x before 11.5.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a heap-overflow vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker\u0027s control must be present for exploitation to be possible."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-overflow vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-30T15:06:03",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-784/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3967",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"version_value": "6.7 before ESXi670-202004101-SG"
},
{
"version_value": "6.5 before ESXi650-202005401-SG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.5.5"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.5.5"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a heap-overflow vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker\u0027s control must be present for exploitation to be possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-overflow vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-784/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-784/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3967",
"datePublished": "2020-06-25T14:39:21",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21993 (GCVE-0-2021-21993)
Vulnerability from cvelistv5
Published
2021-09-23 11:37
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- SSRF vulnerability
Summary
The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosure.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SSRF vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T11:37:24",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-21993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SSRF vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-21993",
"datePublished": "2021-09-23T11:37:24",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3965 (GCVE-0-2020-3965)
Vulnerability from cvelistv5
Published
2020-06-25 14:54
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information Leak
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the XHCI USB controller. A malicious actor with local access to a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | VMware ESXi |
Version: 7.0 before ESXi_7.0.0-1.20.16321839 Version: 6.7 before ESXi670-202006401-SG Version: 6.5 before ESXi650-202005401-SG |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"name": "20200717 VMware ESXi: Multiple vulnerabilities [CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3960]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Jul/22"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"status": "affected",
"version": "6.7 before ESXi670-202006401-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-202005401-SG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "15.x before 15.5.2"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x before 11.5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the XHCI USB controller. A malicious actor with local access to a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-17T20:06:09",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"name": "20200717 VMware ESXi: Multiple vulnerabilities [CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3960]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Jul/22"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"version_value": "6.7 before ESXi670-202006401-SG"
},
{
"version_value": "6.5 before ESXi650-202005401-SG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.5.2"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.5.2"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the XHCI USB controller. A malicious actor with local access to a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"name": "20200717 VMware ESXi: Multiple vulnerabilities [CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3960]",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Jul/22"
},
{
"name": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3965",
"datePublished": "2020-06-25T14:54:46",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22018 (GCVE-0-2021-22018)
Vulnerability from cvelistv5
Published
2021-09-23 12:16
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- File deletion vulnerability
Summary
The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. A malicious actor with network access to port 9087 on vCenter Server may exploit this issue to delete non critical files.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server 7.x before 7.0.2 U2d and VMware Cloud Foundation 4.x before 4.3.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.933Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server 7.x before 7.0.2 U2d and VMware Cloud Foundation 4.x before 4.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. A malicious actor with network access to port 9087 on vCenter Server may exploit this issue to delete non critical files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "File deletion vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T12:16:31",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22018",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server 7.x before 7.0.2 U2d and VMware Cloud Foundation 4.x before 4.3.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. A malicious actor with network access to port 9087 on vCenter Server may exploit this issue to delete non critical files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "File deletion vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22018",
"datePublished": "2021-09-23T12:16:31",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.933Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20880 (GCVE-0-2023-20880)
Vulnerability from cvelistv5
Published
2023-05-12 00:00
Modified
2025-01-27 17:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Local Privilege Escalation Vulnerability
Summary
VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Aria Operations (formerly vRealize Operations) |
Version: VMware Aria Operations prior to 8.12 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:21:33.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20880",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:53:33.113954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T17:53:37.308Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware Aria Operations (formerly vRealize Operations)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Aria Operations prior to 8.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to \u0027root\u0027."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Local Privilege Escalation Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-12T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-20880",
"datePublished": "2023-05-12T00:00:00.000Z",
"dateReserved": "2022-11-01T00:00:00.000Z",
"dateUpdated": "2025-01-27T17:53:37.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37079 (GCVE-0-2024-37079)
Vulnerability from cvelistv5
Published
2024-06-18 05:43
Modified
2025-03-14 13:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-overflow vulnerability
Summary
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | VMware vCenter Server |
Version: 8.0 < 8.0 U2d Version: 8.0 < 8.0 U1e Version: 7.0 < 7.0 U3r |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:broadcom:vmware_vcenter_server:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "vmware_vcenter_server",
"vendor": "broadcom",
"versions": [
{
"lessThan": "8.0 U2d",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "8.0 U1e",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "7.0 U3r",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:broadcom:vmware_cloud_foundation:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "vmware_cloud_foundation",
"vendor": "broadcom",
"versions": [
{
"status": "affected",
"version": "5.x"
},
{
"status": "affected",
"version": "4.x"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37079",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T03:55:58.515986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-14T13:36:56.241Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:51.046Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware vCenter Server",
"vendor": "n/a",
"versions": [
{
"lessThan": "8.0 U2d",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "8.0 U1e",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "7.0 U3r",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x"
},
{
"status": "affected",
"version": "4.x"
}
]
}
],
"datePublic": "2024-06-17T16:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003evCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. \u003c/span\u003eA malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-overflow vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-18T05:43:06.619Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-37079",
"datePublished": "2024-06-18T05:43:06.619Z",
"dateReserved": "2024-06-03T05:40:17.631Z",
"dateUpdated": "2025-03-14T13:36:56.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21980 (GCVE-0-2021-21980)
Vulnerability from cvelistv5
Published
2021-11-24 16:32
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Arbitrary file read vulnerability
Summary
The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server and VMware Cloud Foundation |
Version: VMware vCenter Server (6.7 before 6.7 U3p and 6.5 before 6.5 U3r) and VMware Cloud Foundation 3.x |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0027.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server and VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server (6.7 before 6.7 U3p and 6.5 before 6.5 U3r) and VMware Cloud Foundation 3.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary file read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-24T16:32:43",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0027.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-21980",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server and VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server (6.7 before 6.7 U3p and 6.5 before 6.5 U3r) and VMware Cloud Foundation 3.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary file read vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0027.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0027.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-21980",
"datePublished": "2021-11-24T16:32:43",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22274 (GCVE-0-2024-22274)
Vulnerability from cvelistv5
Published
2024-05-21 17:29
Modified
2024-08-01 22:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Authenticated remote-code execution vulnerability
Summary
The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | VMware vCenter Server |
Version: 8.0 < 8.0 U2b Version: 7.0 < 7.0 U3q |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:broadcom:vmware_center_server:8.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmware_center_server",
"vendor": "broadcom",
"versions": [
{
"status": "affected",
"version": "8.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:broadcom:vmware_center_server:7.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmware_center_server",
"vendor": "broadcom",
"versions": [
{
"status": "affected",
"version": "7.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:broadcom:vmware_center_server:5*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmware_center_server",
"vendor": "broadcom",
"versions": [
{
"status": "affected",
"version": "5*"
}
]
},
{
"cpes": [
"cpe:2.3:a:broadcom:vmware_center_server:4*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vmware_center_server",
"vendor": "broadcom",
"versions": [
{
"status": "affected",
"version": "4*"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22274",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-16T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T03:55:31.157Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware vCenter Server",
"vendor": "n/a",
"versions": [
{
"lessThan": "8.0 U2b",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "7.0 U3q",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation (vCenter Server)",
"vendor": "n/a",
"versions": [
{
"lessThan": "5.1.1",
"status": "affected",
"version": "5.x",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vCenter Server contains an authenticated remote code execution vulnerability.\u0026nbsp;\u003c/span\u003eA malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "The vCenter Server contains an authenticated remote code execution vulnerability.\u00a0A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authenticated remote-code execution vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-21T17:29:33.899Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22274",
"datePublished": "2024-05-21T17:29:33.899Z",
"dateReserved": "2024-01-08T18:43:18.957Z",
"dateUpdated": "2024-08-01T22:43:34.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22255 (GCVE-0-2024-22255)
Vulnerability from cvelistv5
Published
2024-03-05 17:58
Modified
2024-11-04 17:17
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | VMware ESXi |
Version: 8.0 < ESXi80U2sb-23305545 Version: 8.0 < ESXi80U1d-23299997 Version: 7.0 < ESXi70U3p-23307199 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-22255",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-06T18:16:34.279529Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T17:17:14.669Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:33.725Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware ESXi",
"vendor": "n/a",
"versions": [
{
"lessThan": "ESXi80U2sb-23305545",
"status": "affected",
"version": "8.0 ",
"versionType": "custom"
},
{
"lessThan": "ESXi80U1d-23299997",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3p-23307199",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Workstation",
"vendor": "n/a",
"versions": [
{
"lessThan": "17.5.1",
"status": "affected",
"version": "17.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Fusion",
"vendor": "n/a",
"versions": [
{
"lessThan": "13.5.1",
"status": "affected",
"version": "13.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x"
},
{
"status": "affected",
"version": "4.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eA malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.\u0026nbsp;\u0026nbsp;\u003c/span\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller.\u00a0A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.\u00a0\u00a0\n\n\n\n\n\n\n\n\n\n\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-05T17:59:56.500Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Information disclosure vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22255",
"datePublished": "2024-03-05T17:58:35.987Z",
"dateReserved": "2024-01-08T18:43:15.942Z",
"dateUpdated": "2024-11-04T17:17:14.669Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34043 (GCVE-0-2023-34043)
Vulnerability from cvelistv5
Published
2023-09-26 17:14
Modified
2024-09-24 13:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Local Privilege Escalation Vulnerability
Summary
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Aria Operations |
Version: VMware Aria Operations 8.12.x, 8.10.x, 8.6.x, VCF 5.x, 4.x |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:54:14.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0020.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34043",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-24T13:18:34.168244Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-24T13:18:40.162Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware Aria Operations",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Aria Operations 8.12.x, 8.10.x, 8.6.x, VCF 5.x, 4.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "VMware Aria Operations contains a local privilege escalation vulnerability.\u0026nbsp;A malicious actor with administrative access to the local system can escalate privileges to \u0027root\u0027."
}
],
"value": "VMware Aria Operations contains a local privilege escalation vulnerability.\u00a0A malicious actor with administrative access to the local system can escalate privileges to \u0027root\u0027."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": " Local Privilege Escalation Vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-26T17:14:36.790Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0020.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-34043",
"datePublished": "2023-09-26T17:14:36.790Z",
"dateReserved": "2023-05-25T17:21:56.202Z",
"dateUpdated": "2024-09-24T13:18:40.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22960 (GCVE-0-2022-22960)
Vulnerability from cvelistv5
Published
2022-04-13 00:00
Modified
2025-07-30 01:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Privilege escalation
Summary
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workspace ONE Access, Identity Manager and vRealize Automation |
Version: Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.477Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/171935/VMware-Workspace-ONE-Access-Privilege-Escalation.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-22960",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T16:34:09.436482Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-04-15",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22960"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:37:44.265Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2022-04-15T00:00:00+00:00",
"value": "CVE-2022-22960 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware Workspace ONE Access, Identity Manager and vRealize Automation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to \u0027root\u0027."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-19T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
},
{
"url": "http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html"
},
{
"url": "http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html"
},
{
"url": "http://packetstormsecurity.com/files/171935/VMware-Workspace-ONE-Access-Privilege-Escalation.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22960",
"datePublished": "2022-04-13T00:00:00.000Z",
"dateReserved": "2022-01-10T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:37:44.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22035 (GCVE-0-2021-22035)
Vulnerability from cvelistv5
Published
2021-10-13 15:50
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CSV injection vulnerability in Log Insight
Summary
VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log Insight which could be executed in user's environment.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vRealize Log Insight |
Version: VMware vRealize Log Insight (8.x prior to 8.6) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:24.009Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vRealize Log Insight",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vRealize Log Insight (8.x prior to 8.6)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log Insight which could be executed in user\u0027s environment."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CSV injection vulnerability in Log Insight",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-13T15:50:54",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22035",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vRealize Log Insight",
"version": {
"version_data": [
{
"version_value": "VMware vRealize Log Insight (8.x prior to 8.6)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log Insight which could be executed in user\u0027s environment."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CSV injection vulnerability in Log Insight"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0022.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22035",
"datePublished": "2021-10-13T15:50:54",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:24.009Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22959 (GCVE-0-2022-22959)
Vulnerability from cvelistv5
Published
2022-04-13 17:05
Modified
2024-08-03 03:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross site request forgery
Summary
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workspace ONE Access, Identity Manager and vRealize Automation |
Version: Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware Workspace ONE Access, Identity Manager and vRealize Automation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross site request forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-13T17:05:54",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2022-22959",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware Workspace ONE Access, Identity Manager and vRealize Automation",
"version": {
"version_data": [
{
"version_value": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross site request forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22959",
"datePublished": "2022-04-13T17:05:54",
"dateReserved": "2022-01-10T00:00:00",
"dateUpdated": "2024-08-03T03:28:42.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22221 (GCVE-0-2025-22221)
Vulnerability from cvelistv5
Published
2025-01-30 15:30
Modified
2025-03-13 13:45
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware Aria Operation for Logs contains a stored cross-site scripting vulnerability. A malicious actor with admin privileges to VMware Aria Operations for Logs may be able to inject a malicious script that could be executed in a victim's browser when performing a delete action in the Agent Configuration.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | VMware Aria Operations for Logs |
Version: 8.x |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22221",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T16:37:26.297768Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T13:45:16.580Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"any"
],
"product": "VMware Aria Operations for Logs",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.18.3",
"status": "affected",
"version": "8.x",
"versionType": "release"
}
]
}
],
"datePublic": "2025-01-30T14:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware Aria Operation for Logs contains a stored cross-site scripting vulnerability.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with admin privileges to VMware Aria Operations for Logs may be able to inject a malicious script that could be executed in a victim\u0027s browser when performing a delete action in the Agent Configuration.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware Aria Operation for Logs contains a stored cross-site scripting vulnerability.\u00a0A malicious actor with admin privileges to VMware Aria Operations for Logs may be able to inject a malicious script that could be executed in a victim\u0027s browser when performing a delete action in the Agent Configuration."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T15:30:12.218Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25329"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMware Aria Operations for Logs stored cross-site scripting vulnerability (CVE-2025-22221)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-22221",
"datePublished": "2025-01-30T15:30:12.218Z",
"dateReserved": "2025-01-02T04:29:30.444Z",
"dateUpdated": "2025-03-13T13:45:16.580Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22961 (GCVE-0-2022-22961)
Vulnerability from cvelistv5
Published
2022-04-13 17:05
Modified
2024-08-03 03:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information disclosure
Summary
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting victims.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workspace ONE Access, Identity Manager and vRealize Automation |
Version: Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.477Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware Workspace ONE Access, Identity Manager and vRealize Automation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting victims."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-13T17:05:56",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2022-22961",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware Workspace ONE Access, Identity Manager and vRealize Automation",
"version": {
"version_data": [
{
"version_value": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting victims."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22961",
"datePublished": "2022-04-13T17:05:56",
"dateReserved": "2022-01-10T00:00:00",
"dateUpdated": "2024-08-03T03:28:42.477Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22008 (GCVE-0-2021-22008)
Vulnerability from cvelistv5
Published
2021-09-23 11:41
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information disclosure vulnerability
Summary
The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by sending a specially crafted json-rpc message to gain access to sensitive information.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.901Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by sending a specially crafted json-rpc message to gain access to sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T11:41:28",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by sending a specially crafted json-rpc message to gain access to sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22008",
"datePublished": "2021-09-23T11:41:28",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.901Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22050 (GCVE-0-2021-22050)
Vulnerability from cvelistv5
Published
2022-02-16 16:37
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial of service vulnerability
Summary
ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor with network access to ESXi may exploit this issue to create a denial-of-service condition by overwhelming rhttpproxy service with multiple requests.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi and VMware Cloud Foundation |
Version: VMware ESXi(7.0 U3 before ESXi70U3c-19193900, ESXi 6.7 ESXi670-202111101-SG and ESXi 6.5 before ESXi650-202110101-SG) and VMware Cloud Foundation (4.x before 4.4 and 3.x before 3.11) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.946Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi and VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware ESXi(7.0 U3 before ESXi70U3c-19193900, ESXi 6.7 ESXi670-202111101-SG and ESXi 6.5 before ESXi650-202110101-SG) and VMware Cloud Foundation (4.x before 4.4 and 3.x before 3.11)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor with network access to ESXi may exploit this issue to create a denial-of-service condition by overwhelming rhttpproxy service with multiple requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T16:37:56",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22050",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi and VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware ESXi(7.0 U3 before ESXi70U3c-19193900, ESXi 6.7 ESXi670-202111101-SG and ESXi 6.5 before ESXi650-202110101-SG) and VMware Cloud Foundation (4.x before 4.4 and 3.x before 3.11)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor with network access to ESXi may exploit this issue to create a denial-of-service condition by overwhelming rhttpproxy service with multiple requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22050",
"datePublished": "2022-02-16T16:37:56",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3966 (GCVE-0-2020-3966)
Vulnerability from cvelistv5
Published
2020-06-25 14:45
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-overflow due to race condition.
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | VMware ESXi |
Version: 7.0 before ESXi_7.0.0-1.20.16321839 Version: 6.7 before ESXi670-202004101-SG Version: 6.5 before ESXi650-202005401-SG |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.417Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-783/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"status": "affected",
"version": "6.7 before ESXi670-202004101-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-202005401-SG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "15.x before 15.5.2"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x before 11.5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker\u0027s control must be present for exploitation to be possible."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-overflow due to race condition.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-30T15:06:02",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-783/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3966",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"version_value": "6.7 before ESXi670-202004101-SG"
},
{
"version_value": "6.5 before ESXi650-202005401-SG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.5.2"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.5.2"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker\u0027s control must be present for exploitation to be possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-overflow due to race condition."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-783/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-783/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3966",
"datePublished": "2020-06-25T14:45:34",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.417Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21991 (GCVE-0-2021-21991)
Vulnerability from cvelistv5
Published
2021-09-22 18:59
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Local privilege escalation vulnerability
Summary
The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash).
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Local privilege escalation vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-22T18:59:08",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-21991",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local privilege escalation vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-21991",
"datePublished": "2021-09-22T18:59:08",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20877 (GCVE-0-2023-20877)
Vulnerability from cvelistv5
Published
2023-05-12 00:00
Modified
2025-01-27 18:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Privilege Escalation Vulnerability
Summary
VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Aria Operations (formerly vRealize Operations) |
Version: VMware Aria Operations prior to 8.12 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:21:33.318Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20877",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T18:04:25.549958Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:06:05.127Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware Aria Operations (formerly vRealize Operations)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Aria Operations prior to 8.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-12T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-20877",
"datePublished": "2023-05-12T00:00:00.000Z",
"dateReserved": "2022-11-01T00:00:00.000Z",
"dateUpdated": "2025-01-27T18:06:05.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31696 (GCVE-0-2022-31696)
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2025-04-22 15:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory corruption vulnerability
Summary
VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi, VMware Cloud Foundation |
Version: VMware ESXi (7.0 prior to ESXi70U3si-20841705, 6.7 prior to ESXi670-202210101-SG, 6.5 prior to ESXi650-202210101-SG), VMware Cloud Foundation (4.x, 3.x) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.074Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-31696",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T15:51:02.408747Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T15:51:48.328Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware ESXi (7.0 prior to ESXi70U3si-20841705, 6.7 prior to ESXi670-202210101-SG, 6.5 prior to ESXi650-202210101-SG), VMware Cloud Foundation (4.x, 3.x)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory corruption vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-31696",
"datePublished": "2022-12-13T00:00:00.000Z",
"dateReserved": "2022-05-25T00:00:00.000Z",
"dateUpdated": "2025-04-22T15:51:48.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21972 (GCVE-0-2021-21972)
Vulnerability from cvelistv5
Published
2021-02-24 16:42
Modified
2025-07-30 01:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote code execution vulnerability
Summary
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | VMware vCenter Server |
Version: 7.x before 7.0 U1c Version: 6.7 before 6.7 U3l Version: 6.5 before 6.5 U3n |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-21972",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T15:37:18.620381Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21972"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:38:18.847Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2021-21972 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "7.x before 7.0 U1c"
},
{
"status": "affected",
"version": "6.7 before 6.7 U3l"
},
{
"status": "affected",
"version": "6.5 before 6.5 U3n"
}
]
},
{
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "4.x before 4.2"
},
{
"status": "affected",
"version": "3.x before 3.10.1.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote code execution vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-24T19:06:12.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-21972",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server",
"version": {
"version_data": [
{
"version_value": "7.x before 7.0 U1c"
},
{
"version_value": "6.7 before 6.7 U3l"
},
{
"version_value": "6.5 before 6.5 U3n"
}
]
}
},
{
"product_name": "VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "4.x before 4.2"
},
{
"version_value": "3.x before 3.10.1.2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote code execution vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
},
{
"name": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html"
},
{
"name": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html"
},
{
"name": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-21972",
"datePublished": "2021-02-24T16:42:05.000Z",
"dateReserved": "2021-01-04T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:38:18.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22013 (GCVE-0-2021-22013)
Vulnerability from cvelistv5
Published
2021-09-23 11:58
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- File path traversal vulnerability
Summary
The vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server |
Version: VMware vCenter Server 6.5 before 6.5 U3q |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server 6.5 before 6.5 U3q"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "File path traversal vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T11:58:53",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22013",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server 6.5 before 6.5 U3q"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "File path traversal vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22013",
"datePublished": "2021-09-23T11:58:53",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20878 (GCVE-0-2023-20878)
Vulnerability from cvelistv5
Published
2023-05-12 00:00
Modified
2025-01-27 18:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Deserialization Vulnerability
Summary
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Aria Operations (formerly vRealize Operations) |
Version: VMware Aria Operations prior to 8.12 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:21:32.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20878",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T18:02:10.012956Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:02:14.568Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware Aria Operations (formerly vRealize Operations)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Aria Operations prior to 8.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Deserialization Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-12T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-20878",
"datePublished": "2023-05-12T00:00:00.000Z",
"dateReserved": "2022-11-01T00:00:00.000Z",
"dateUpdated": "2025-01-27T18:02:14.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21975 (GCVE-0-2021-21975)
Vulnerability from cvelistv5
Published
2021-03-31 17:51
Modified
2025-07-30 01:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Server Side Request Forgery
Summary
Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vRealize Operations |
Version: VMware vRealize Operations prior to 8.4 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0004.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-21975",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T17:58:07.581716Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-01-18",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21975"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:38:14.715Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2022-01-18T00:00:00+00:00",
"value": "CVE-2021-21975 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware vRealize Operations",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vRealize Operations prior to 8.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Server Side Request Forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-27T16:08:33.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0004.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-21975",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vRealize Operations",
"version": {
"version_data": [
{
"version_value": "VMware vRealize Operations prior to 8.4"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Server Side Request Forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0004.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0004.html"
},
{
"name": "http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-21975",
"datePublished": "2021-03-31T17:51:51.000Z",
"dateReserved": "2021-01-04T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:38:14.715Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31697 (GCVE-0-2022-31697)
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2025-04-22 15:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information disclosure vulnerability
Summary
The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore) can access plaintext passwords used during that operation.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware (7.0 prior to 7.0 U3i, 6.7 prior to 6.7.0 U3s, 6.5 prior to 6.5 U3u), VMware Cloud Foundation (4.x, 3.x) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:00.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-31697",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T15:49:52.808479Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T15:50:24.431Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware (7.0 prior to 7.0 U3i, 6.7 prior to 6.7.0 U3s, 6.5 prior to 6.5 U3u), VMware Cloud Foundation (4.x, 3.x)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore) can access plaintext passwords used during that operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-31697",
"datePublished": "2022-12-13T00:00:00.000Z",
"dateReserved": "2022-05-25T00:00:00.000Z",
"dateUpdated": "2025-04-22T15:50:24.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22948 (GCVE-0-2022-22948)
Vulnerability from cvelistv5
Published
2022-03-29 17:24
Modified
2025-07-30 01:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information disclosure vulnerability
Summary
The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server and VMware Cloud Foundation |
Version: VMware vCenter Server (7.0 prior to 7.0 U3d, 6.7 prior to 6.7 U3p and 6.5 prior to 6.5 U3r) and VMware Cloud Foundation (4.x and 3.x prior to 3.11) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cloud_foundation",
"vendor": "vmware",
"versions": [
{
"lessThan": "5.0",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:cloud_foundation:3.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cloud_foundation",
"vendor": "vmware",
"versions": [
{
"lessThan": "3.11",
"status": "affected",
"version": "3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:vcenter_server:7.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vcenter_server",
"vendor": "vmware",
"versions": [
{
"lessThan": "7.0_u3d",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:vcenter_server:6.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vcenter_server",
"vendor": "vmware",
"versions": [
{
"lessThan": "6.7_u3p",
"status": "affected",
"version": "6.7",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:vcenter_server:6.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vcenter_server",
"vendor": "vmware",
"versions": [
{
"lessThan": "6.5_u3r",
"status": "affected",
"version": "6.5",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"dateAdded": "2024-07-17",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22948"
},
"type": "kev"
}
},
{
"other": {
"content": {
"id": "CVE-2022-22948",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-18T03:55:22.079743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:37:45.288Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2024-07-17T00:00:00+00:00",
"value": "CVE-2022-22948 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0009.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server and VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server (7.0 prior to 7.0 U3d, 6.7 prior to 6.7 U3p and 6.5 prior to 6.5 U3r) and VMware Cloud Foundation (4.x and 3.x prior to 3.11)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-29T17:24:33.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0009.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2022-22948",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server and VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server (7.0 prior to 7.0 U3d, 6.7 prior to 6.7 U3p and 6.5 prior to 6.5 U3r) and VMware Cloud Foundation (4.x and 3.x prior to 3.11)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0009.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0009.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22948",
"datePublished": "2022-03-29T17:24:33.000Z",
"dateReserved": "2022-01-10T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:37:45.288Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22010 (GCVE-0-2021-22010)
Vulnerability from cvelistv5
Published
2021-09-23 11:51
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial of service vulnerability
Summary
The vCenter Server contains a denial-of-service vulnerability in VPXD service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to create a denial of service condition due to excessive memory consumption by VPXD service.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.749Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a denial-of-service vulnerability in VPXD service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to create a denial of service condition due to excessive memory consumption by VPXD service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T11:51:40",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0 U2c and 6.7 before 6.7 U3o) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains a denial-of-service vulnerability in VPXD service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to create a denial of service condition due to excessive memory consumption by VPXD service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of service vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22010",
"datePublished": "2021-09-23T11:51:40",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3995 (GCVE-0-2020-3995)
Vulnerability from cvelistv5
Published
2020-10-20 16:14
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory leak vulnerability
Summary
In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigger a memory leak issue resulting in memory resource exhaustion on the hypervisor if the attack is sustained for extended periods of time.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi, Workstation, Fusion |
Version: VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi, Workstation, Fusion",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigger a memory leak issue resulting in memory resource exhaustion on the hypervisor if the attack is sustained for extended periods of time."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory leak vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T16:14:34",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3995",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi, Workstation, Fusion",
"version": {
"version_data": [
{
"version_value": "VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigger a memory leak issue resulting in memory resource exhaustion on the hypervisor if the attack is sustained for extended periods of time."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory leak vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3995",
"datePublished": "2020-10-20T16:14:34",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41231 (GCVE-0-2025-41231)
Vulnerability from cvelistv5
Published
2025-05-20 12:54
Modified
2025-05-20 13:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Missing Authorisation
Summary
VMware Cloud Foundation contains a missing authorisation vulnerability. A malicious actor with access to VMware Cloud Foundation appliance may be able to perform certain unauthorised actions and access limited sensitive information.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Cloud Foundation |
Version: 5.x < 5.2.1.2 Version: 4.5.x |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41231",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T13:20:28.602616Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T13:21:18.807Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"lessThan": "5.2.1.2",
"status": "affected",
"version": "5.x",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.5.x"
}
]
}
],
"datePublic": "2025-05-20T08:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware Cloud Foundation\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;contains a missing authorisation vulnerability\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u0026nbsp;\u003c/span\u003eA malicious actor with access to VMware Cloud Foundation appliance may be able to perform certain unauthorised actions and access limited sensitive information.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware Cloud Foundation\u00a0contains a missing authorisation vulnerability.\u00a0A malicious actor with access to VMware Cloud Foundation appliance may be able to perform certain unauthorised actions and access limited sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing Authorisation",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T12:54:41.570Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25733"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMware Cloud Foundation Missing Authorisation Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-41231",
"datePublished": "2025-05-20T12:54:41.570Z",
"dateReserved": "2025-04-16T09:29:46.972Z",
"dateUpdated": "2025-05-20T13:21:18.807Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22280 (GCVE-0-2024-22280)
Vulnerability from cvelistv5
Published
2024-07-11 04:39
Modified
2025-03-14 18:42
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware Aria Automation does not apply correct input validation which allows for SQL-injection in the product. An authenticated malicious user could enter specially crafted SQL queries and perform unauthorised read/write operations in the database.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | VMware Aria Automation |
Version: 8.x |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22280",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-12T14:47:13.468275Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-14T18:42:23.052Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24598"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware Aria Automation",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.17.0",
"status": "affected",
"version": "8.x",
"versionType": "8.17.0"
}
]
}
],
"datePublic": "2024-07-10T15:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware Aria Automation does not apply correct input validation which allows for SQL-injection in the product.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn authenticated malicious user could enter specially crafted SQL queries and perform unauthorised read/write operations in the database.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware Aria Automation does not apply correct input validation which allows for SQL-injection in the product.\u00a0An authenticated malicious user could enter specially crafted SQL queries and perform unauthorised read/write operations in the database."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T04:39:09.353Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24598"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMSA-2024-0017: VMware Aria Automation updates address SQL-injection vulnerability (CVE-2024-22280)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22280",
"datePublished": "2024-07-11T04:39:09.353Z",
"dateReserved": "2024-01-08T18:43:18.959Z",
"dateUpdated": "2025-03-14T18:42:23.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22009 (GCVE-0-2021-22009)
Vulnerability from cvelistv5
Published
2021-09-23 11:51
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Multiple denial of service vulnerabilities
Summary
The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit these issues to create a denial of service condition due to excessive memory consumption by VAPI service.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.750Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit these issues to create a denial of service condition due to excessive memory consumption by VAPI service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Multiple denial of service vulnerabilities",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T11:51:32",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit these issues to create a denial of service condition due to excessive memory consumption by VAPI service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Multiple denial of service vulnerabilities"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22009",
"datePublished": "2021-09-23T11:51:32",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.750Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3992 (GCVE-0-2020-3992)
Vulnerability from cvelistv5
Published
2020-10-20 16:11
Modified
2025-07-30 01:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote code execution vulnerability
Summary
OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi |
Version: VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1377/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1385/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-3992",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T17:59:04.045831Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-3992"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:45:34.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2020-3992 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote code execution vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-25T23:06:15.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1377/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1385/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3992",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote code execution vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1377/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1377/"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1385/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1385/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3992",
"datePublished": "2020-10-20T16:11:13.000Z",
"dateReserved": "2019-12-30T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:45:34.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3982 (GCVE-0-2020-3982)
Vulnerability from cvelistv5
Published
2020-10-20 16:09
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds write vulnerability
Summary
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds write vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this vulnerability to crash the virtual machine's vmx process or corrupt hypervisor's memory heap.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi, Workstation, Fusion |
Version: VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi, Workstation, Fusion",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds write vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this vulnerability to crash the virtual machine\u0027s vmx process or corrupt hypervisor\u0027s memory heap."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds write vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-20T16:09:04",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3982",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi, Workstation, Fusion",
"version": {
"version_data": [
{
"version_value": "VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds write vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this vulnerability to crash the virtual machine\u0027s vmx process or corrupt hypervisor\u0027s memory heap."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3982",
"datePublished": "2020-10-20T16:09:04",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20879 (GCVE-0-2023-20879)
Vulnerability from cvelistv5
Published
2023-05-12 00:00
Modified
2025-01-27 16:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Local Privilege Escalation Vulnerability
Summary
VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Aria Operations (formerly vRealize Operations) |
Version: VMware Aria Operations prior to 8.12 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:21:32.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20879",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T16:32:26.099791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T16:33:40.068Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware Aria Operations (formerly vRealize Operations)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Aria Operations prior to 8.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Local Privilege Escalation Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-12T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-20879",
"datePublished": "2023-05-12T00:00:00.000Z",
"dateReserved": "2022-11-01T00:00:00.000Z",
"dateUpdated": "2025-01-27T16:33:40.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31700 (GCVE-0-2022-31700)
Vulnerability from cvelistv5
Published
2022-12-14 00:00
Modified
2025-04-22 16:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Authenticated Remote Code Execution Vulnerability
Summary
VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM) |
Version: VMware Workspace ONE Access (Multiple Versions) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:00.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0032.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-31700",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T16:05:37.679578Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T16:06:25.180Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Workspace ONE Access (Multiple Versions)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authenticated Remote Code Execution Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-14T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0032.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-31700",
"datePublished": "2022-12-14T00:00:00.000Z",
"dateReserved": "2022-05-25T00:00:00.000Z",
"dateUpdated": "2025-04-22T16:06:25.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22954 (GCVE-0-2022-22954)
Vulnerability from cvelistv5
Published
2022-04-11 19:37
Modified
2025-07-30 01:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote code execution
Summary
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workspace ONE Access and Identity Manager |
Version: Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/166935/VMware-Workspace-ONE-Access-Template-Injection-Command-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-22954",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:20:48.327758Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-04-14",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22954"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:37:44.407Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2022-04-14T00:00:00+00:00",
"value": "CVE-2022-22954 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware Workspace ONE Access and Identity Manager",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-03T17:06:08.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/166935/VMware-Workspace-ONE-Access-Template-Injection-Command-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2022-22954",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware Workspace ONE Access and Identity Manager",
"version": {
"version_data": [
{
"version_value": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
},
{
"name": "http://packetstormsecurity.com/files/166935/VMware-Workspace-ONE-Access-Template-Injection-Command-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/166935/VMware-Workspace-ONE-Access-Template-Injection-Command-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22954",
"datePublished": "2022-04-11T19:37:39.000Z",
"dateReserved": "2022-01-10T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:37:44.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22245 (GCVE-0-2025-22245)
Vulnerability from cvelistv5
Published
2025-06-04 19:32
Modified
2025-06-04 20:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Stored Cross-Site Scripting (XSS) vulnerability in router port
Summary
VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | VMware NSX |
Version: VMware NSX 4.0.x, VMware NSX 4.1.x, VMware NSX 4.2.x |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22245",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-04T20:04:45.703274Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T20:05:24.144Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware NSX",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "VMware NSX 4.0.x, VMware NSX 4.1.x, VMware NSX 4.2.x"
}
]
}
],
"datePublic": "2025-06-04T19:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation.\u003c/span\u003e"
}
],
"value": "VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stored Cross-Site Scripting (XSS) vulnerability in router port",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T19:32:42.328Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25738"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-22245",
"datePublished": "2025-06-04T19:32:42.328Z",
"dateReserved": "2025-01-02T04:30:19.928Z",
"dateUpdated": "2025-06-04T20:05:24.144Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22226 (GCVE-0-2025-22226)
Vulnerability from cvelistv5
Published
2025-03-04 11:56
Modified
2025-07-30 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information disclosure vulnerability
Summary
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | ESXi |
Version: 8.0 < ESXi80U3d-24585383 Version: 8.0 < ESXi80U2d-24585300 Version: 7.0 < ESXi70U3s-24585291 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22226",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T04:55:25.321408Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-03-04",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-22226"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:36:18.577Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2025-03-04T00:00:00+00:00",
"value": "CVE-2025-22226 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ESXi",
"vendor": "n/a",
"versions": [
{
"lessThan": "ESXi80U3d-24585383",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi80U2d-24585300",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3s-24585291",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux"
],
"product": "VMware Workstation",
"vendor": "n/a",
"versions": [
{
"lessThan": "17.6.3",
"status": "affected",
"version": "17.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "VMware Fusion",
"vendor": "n/a",
"versions": [
{
"lessThan": "13.6.3",
"status": "affected",
"version": "13.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x, 4.5.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Telco Cloud Platform",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x, 4.x, 3.x, 2.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Telco Cloud Infrastructure",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.x, 2.x"
}
]
}
],
"datePublic": "2025-03-04T11:50:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi, Workstation, and Fusion contain\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;an information disclosure \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003evulnerability \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edue to an out-of-bounds read in HGFS.\u0026nbsp;\u003c/span\u003eA malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware ESXi, Workstation, and Fusion contain\u00a0an information disclosure vulnerability due to an out-of-bounds read in HGFS.\u00a0A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-04T11:56:57.541Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-22226",
"datePublished": "2025-03-04T11:56:57.541Z",
"dateReserved": "2025-01-02T04:29:59.190Z",
"dateUpdated": "2025-07-30T01:36:18.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21992 (GCVE-0-2021-21992)
Vulnerability from cvelistv5
Published
2021-09-22 18:59
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- XML parsing denial-of-service vulnerability
Summary
The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. A malicious actor with non-administrative user access to the vCenter Server vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash) may exploit this issue to create a denial-of-service condition on the vCenter Server host.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. A malicious actor with non-administrative user access to the vCenter Server vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash) may exploit this issue to create a denial-of-service condition on the vCenter Server host."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "XML parsing denial-of-service vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-22T18:59:15",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-21992",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server, VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server(7.x before 7.0 U2c, 6.7 before 6.7 U3o and 6.5 before 6.5 U3q) and VMware Cloud Foundation (4.x before 4.3 and 3.x before 3.10.2.2)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. A malicious actor with non-administrative user access to the vCenter Server vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash) may exploit this issue to create a denial-of-service condition on the vCenter Server host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XML parsing denial-of-service vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-21992",
"datePublished": "2021-09-22T18:59:15",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38832 (GCVE-0-2024-38832)
Vulnerability from cvelistv5
Published
2024-11-26 11:51
Modified
2024-12-06 20:03
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to views may be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | VMware Aria Operations |
Version: 8.x |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38832",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T14:01:33.938591Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T20:03:26.251Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Any"
],
"product": "VMware Aria Operations",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.18.2",
"status": "affected",
"version": "8.x",
"versionType": "proprietary"
}
]
}
],
"datePublic": "2024-11-26T11:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware Aria Operations contains a stored cross-site scripting vulnerability.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with editing access to views may be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware Aria Operations contains a stored cross-site scripting vulnerability.\u00a0A malicious actor with editing access to views may be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T11:51:39.551Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25199"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stored cross-site scripting vulnerability (CVE-2024-38832)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-38832",
"datePublished": "2024-11-26T11:51:39.551Z",
"dateReserved": "2024-06-19T22:32:07.790Z",
"dateUpdated": "2024-12-06T20:03:26.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22045 (GCVE-0-2021-22045)
Vulnerability from cvelistv5
Published
2022-01-04 21:39
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-based Buffer Overflow Vulnerability
Summary
VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware ESXi, VMware Workstation and VMware Fusion |
Version: VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:24.037Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0001.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165440/VMware-Security-Advisory-2022-0001.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi, VMware Workstation and VMware Fusion",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-based Buffer Overflow Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-06T14:06:30",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0001.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/165440/VMware-Security-Advisory-2022-0001.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-003/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22045",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi, VMware Workstation and VMware Fusion",
"version": {
"version_data": [
{
"version_value": "VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0001.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0001.html"
},
{
"name": "http://packetstormsecurity.com/files/165440/VMware-Security-Advisory-2022-0001.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/165440/VMware-Security-Advisory-2022-0001.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-003/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-003/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22045",
"datePublished": "2022-01-04T21:39:03",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:24.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22973 (GCVE-0-2022-22973)
Vulnerability from cvelistv5
Published
2022-05-20 20:18
Modified
2024-08-03 03:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Privilege escalation
Summary
VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workspace ONE Access and Identity Manager. |
Version: Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0014.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware Workspace ONE Access and Identity Manager.",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to \u0027root\u0027."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-20T20:18:27",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0014.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2022-22973",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware Workspace ONE Access and Identity Manager.",
"version": {
"version_data": [
{
"version_value": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to \u0027root\u0027."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0014.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0014.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22973",
"datePublished": "2022-05-20T20:18:27",
"dateReserved": "2022-01-10T00:00:00",
"dateUpdated": "2024-08-03T03:28:42.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20865 (GCVE-0-2023-20865)
Vulnerability from cvelistv5
Published
2023-04-20 00:00
Modified
2025-02-05 15:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- VMware Aria Operations for Logs contains a command injection vulnerability
Summary
VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Aria Operations for Logs (formerly vRealize Log Insight) |
Version: VMware Aria Operations for Logs (formerly vRealize Log Insight) prior to 8.12 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:21:32.434Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0007.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20865",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T15:25:49.150693Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T15:26:03.893Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware Aria Operations for Logs (formerly vRealize Log Insight)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Aria Operations for Logs (formerly vRealize Log Insight) prior to 8.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "VMware Aria Operations for Logs contains a command injection vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-20T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0007.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-20865",
"datePublished": "2023-04-20T00:00:00.000Z",
"dateReserved": "2022-11-01T00:00:00.000Z",
"dateUpdated": "2025-02-05T15:26:03.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3962 (GCVE-0-2020-3962)
Vulnerability from cvelistv5
Published
2020-06-24 16:01
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use-after-free vulnerability
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-after-free vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | VMware ESXi |
Version: 7.0 before ESXi_7.0.0-1.20.16321839 Version: 6.7 before ESXi670-202004101-SG Version: 6.5 before ESXi650-202005401-SG |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-785/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"status": "affected",
"version": "6.7 before ESXi670-202004101-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-202005401-SG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "15.x before 15.5.5"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x before 11.5.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-after-free vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-after-free vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-30T15:06:04",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-785/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3962",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"version_value": "6.7 before ESXi670-202004101-SG"
},
{
"version_value": "6.5 before ESXi650-202005401-SG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.5.5"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.5.5"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-after-free vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use-after-free vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-785/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-785/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3962",
"datePublished": "2020-06-24T16:01:53",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22235 (GCVE-0-2024-22235)
Vulnerability from cvelistv5
Published
2024-02-21 04:59
Modified
2025-03-20 19:25
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Aria Operations |
Version: VMware Aria Operations 8.x |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:33.694Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0004.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vmware:aria_operations:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "aria_operations",
"vendor": "vmware",
"versions": [
{
"lessThan": "9.0",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22235",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-21T15:24:42.919430Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T19:25:06.024Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware Aria Operations",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Aria Operations 8.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "VMware Aria Operations contains a local privilege escalation vulnerability.\u0026nbsp;A malicious actor with administrative access to the local system can escalate privileges to \u0027root\u0027."
}
],
"value": "VMware Aria Operations contains a local privilege escalation vulnerability.\u00a0A malicious actor with administrative access to the local system can escalate privileges to \u0027root\u0027."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-21T04:59:48.892Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0004.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22235",
"datePublished": "2024-02-21T04:59:48.892Z",
"dateReserved": "2024-01-08T16:40:16.141Z",
"dateUpdated": "2025-03-20T19:25:06.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22012 (GCVE-0-2021-22012)
Vulnerability from cvelistv5
Published
2021-09-23 11:58
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information disclosure vulnerability
Summary
The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server |
Version: VMware vCenter Server 6.5 before 6.5 U3q |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server 6.5 before 6.5 U3q"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information disclosure vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-23T11:58:46",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server 6.5 before 6.5 U3q"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22012",
"datePublished": "2021-09-23T11:58:46",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22972 (GCVE-0-2022-22972)
Vulnerability from cvelistv5
Published
2022-05-20 20:18
Modified
2024-08-03 03:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Authentication Bypass
Summary
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workspace ONE Access, Identity Manager and vRealize Automation |
Version: Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.716Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0014.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware Workspace ONE Access, Identity Manager and vRealize Automation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-20T20:18:39",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0014.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2022-22972",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware Workspace ONE Access, Identity Manager and vRealize Automation",
"version": {
"version_data": [
{
"version_value": "Access 21.08.0.1, 21.08.0.0, 20.10.0.1, 20.10.0.0. Identity Manager 3.3.6, 3.3.5, 3.3.4, 3.3.3. vRealize Automation 7.6."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0014.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0014.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22972",
"datePublished": "2022-05-20T20:18:39",
"dateReserved": "2022-01-10T00:00:00",
"dateUpdated": "2024-08-03T03:28:42.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31698 (GCVE-0-2022-31698)
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2025-04-22 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial of service vulnerability
Summary
The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server, VMware Cloud Foundation |
Version: VMware (7.0 prior to 7.0 U3i, 6.7 prior to 6.7.0 U3s, 6.5 prior to 6.5 U3u), VMware Cloud Foundation (4.x, 3.x) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1588"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-31698",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T03:26:21.371956Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T03:26:59.398Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server, VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware (7.0 prior to 7.0 U3i, 6.7 prior to 6.7.0 U3s, 6.5 prior to 6.5 U3u), VMware Cloud Foundation (4.x, 3.x)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of service vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1588"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-31698",
"datePublished": "2022-12-13T00:00:00.000Z",
"dateReserved": "2022-05-25T00:00:00.000Z",
"dateUpdated": "2025-04-22T03:26:59.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38831 (GCVE-0-2024-38831)
Vulnerability from cvelistv5
Published
2024-11-26 11:50
Modified
2024-11-26 15:06
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to a root user on the appliance running VMware Aria Operations.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | VMware Aria Operations |
Version: 8.x |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vmware:aria_operations:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "aria_operations",
"vendor": "vmware",
"versions": [
{
"lessThan": "8.18.2",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38831",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T15:05:03.311973Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T15:06:18.650Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Any"
],
"product": "VMware Aria Operations",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.18.2",
"status": "affected",
"version": "8.x",
"versionType": "proprietary"
}
]
}
],
"datePublic": "2024-11-26T11:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware Aria Operations contains a local privilege escalation vulnerability.\u0026nbsp;\u0026nbsp;\u003c/span\u003eA malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to \u0026nbsp;a root user on the appliance running VMware Aria Operations."
}
],
"value": "VMware Aria Operations contains a local privilege escalation vulnerability.\u00a0\u00a0A malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to \u00a0a root user on the appliance running VMware Aria Operations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T11:50:20.202Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25199"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Local privilege escalation vulnerability (CVE-2024-38831)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-38831",
"datePublished": "2024-11-26T11:50:20.202Z",
"dateReserved": "2024-06-19T22:32:07.790Z",
"dateUpdated": "2024-11-26T15:06:18.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-21985 (GCVE-0-2021-21985)
Vulnerability from cvelistv5
Published
2021-05-26 14:04
Modified
2025-07-30 01:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote code execution vulnerability
Summary
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vCenter Server and VMware Cloud Foundation |
Version: VMware vCenter Server (7.x before 7.0 U2b, 6.7 before 6.7 U3n, 6.5 before 6.5 U3p) and VMware Cloud Foundation (4.x before 4.2.1, 3.x before 3.10.2.1) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-21985",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T17:56:51.919812Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-21985"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-470",
"description": "CWE-470 Use of Externally-Controlled Input to Select Classes or Code (\u0027Unsafe Reflection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:38:10.011Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2021-21985 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware vCenter Server and VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vCenter Server (7.x before 7.0 U2b, 6.7 before 6.7 U3n, 6.5 before 6.5 U3p) and VMware Cloud Foundation (4.x before 4.2.1, 3.x before 3.10.2.1)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote code execution vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-13T16:06:26.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-21985",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vCenter Server and VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware vCenter Server (7.x before 7.0 U2b, 6.7 before 6.7 U3n, 6.5 before 6.5 U3p) and VMware Cloud Foundation (4.x before 4.2.1, 3.x before 3.10.2.1)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote code execution vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"
},
{
"name": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"
},
{
"name": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-21985",
"datePublished": "2021-05-26T14:04:30.000Z",
"dateReserved": "2021-01-04T00:00:00.000Z",
"dateUpdated": "2025-07-30T01:38:10.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38834 (GCVE-0-2024-38834)
Vulnerability from cvelistv5
Published
2024-11-26 11:56
Modified
2024-12-06 20:04
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | VMware Aria Operations |
Version: 8.x |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38834",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T14:01:21.799680Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T20:04:02.459Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Any"
],
"product": "VMware Aria Operations",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.18.2",
"status": "affected",
"version": "8.x",
"versionType": "proprietary"
}
]
}
],
"datePublic": "2024-11-26T11:10:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware Aria Operations contains a stored cross-site scripting vulnerability.\u0026nbsp;\u003c/span\u003eA malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware Aria Operations contains a stored cross-site scripting vulnerability.\u00a0A malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-26T11:56:48.573Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25199"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Stored cross-site scripting vulnerability (CVE-2024-38834)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-38834",
"datePublished": "2024-11-26T11:56:48.573Z",
"dateReserved": "2024-06-19T22:32:07.790Z",
"dateUpdated": "2024-12-06T20:04:02.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3963 (GCVE-0-2020-3963)
Vulnerability from cvelistv5
Published
2020-06-25 14:50
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use-after-free vulnerability
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a use-after-free vulnerability in PVNVRAM. A malicious actor with local access to a virtual machine may be able to read privileged information contained in physical memory.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | VMware ESXi |
Version: 7.0 before ESXi_7.0.0-1.20.16321839 Version: 6.7 before ESXi670-202006401-SG Version: 6.5 before ESXi650-202005401-SG |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.479Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"name": "20200717 VMware ESXi: Multiple vulnerabilities [CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3960]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Jul/22"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"status": "affected",
"version": "6.7 before ESXi670-202006401-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-202005401-SG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "15.x before 15.5.2"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x before 11.5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a use-after-free vulnerability in PVNVRAM. A malicious actor with local access to a virtual machine may be able to read privileged information contained in physical memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-after-free vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-17T20:06:11",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"name": "20200717 VMware ESXi: Multiple vulnerabilities [CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3960]",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Jul/22"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3963",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"version_value": "6.7 before ESXi670-202006401-SG"
},
{
"version_value": "6.5 before ESXi650-202005401-SG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.5.2"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.5.2"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a use-after-free vulnerability in PVNVRAM. A malicious actor with local access to a virtual machine may be able to read privileged information contained in physical memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use-after-free vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"name": "20200717 VMware ESXi: Multiple vulnerabilities [CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3960]",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Jul/22"
},
{
"name": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3963",
"datePublished": "2020-06-25T14:50:52",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.479Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22024 (GCVE-0-2021-22024)
Vulnerability from cvelistv5
Published
2021-08-30 17:53
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Arbitrary log-file read vulnerability
Summary
The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read vulnerability. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can read any log file resulting in sensitive information disclosure.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vRealize Operations |
Version: VMware vRealize Operations (8.x prior to 8.5) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vRealize Operations",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vRealize Operations (8.x prior to 8.5)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read vulnerability. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can read any log file resulting in sensitive information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary log-file read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-30T17:53:37",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22024",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vRealize Operations",
"version": {
"version_data": [
{
"version_value": "VMware vRealize Operations (8.x prior to 8.5)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read vulnerability. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can read any log file resulting in sensitive information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary log-file read vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22024",
"datePublished": "2021-08-30T17:53:37",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22939 (GCVE-0-2022-22939)
Vulnerability from cvelistv5
Published
2022-02-04 22:29
Modified
2024-08-03 03:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- VMware Cloud Foundation updates address an information disclosure vulnerability.
Summary
VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able to view credentials in plaintext within one or more log files.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Cloud Foundation |
Version: VMware Cloud Foundation 4.x (before 4.3.1.1) and 3.x |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.385Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Cloud Foundation 4.x (before 4.3.1.1) and 3.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able to view credentials in plaintext within one or more log files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "VMware Cloud Foundation updates address an information disclosure vulnerability.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T22:29:14",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2022-22939",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware Cloud Foundation",
"version": {
"version_data": [
{
"version_value": "VMware Cloud Foundation 4.x (before 4.3.1.1) and 3.x"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able to view credentials in plaintext within one or more log files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "VMware Cloud Foundation updates address an information disclosure vulnerability."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0003.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-22939",
"datePublished": "2022-02-04T22:29:14",
"dateReserved": "2022-01-10T00:00:00",
"dateUpdated": "2024-08-03T03:28:42.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22244 (GCVE-0-2025-22244)
Vulnerability from cvelistv5
Published
2025-06-04 19:32
Modified
2025-06-04 20:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Stored Cross-Site Scripting (XSS) vulnerability in gateway firewall
Summary
VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| VMware | VMware NSX |
Version: VMware NSX 4.0.x, VMware NSX 4.1.x, VMware NSX 4.2.x |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22244",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-04T20:04:14.043348Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T20:04:30.570Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware NSX",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "VMware NSX 4.0.x, VMware NSX 4.1.x, VMware NSX 4.2.x"
}
]
}
],
"datePublic": "2025-06-04T19:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation. \u003c/span\u003e"
}
],
"value": "VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stored Cross-Site Scripting (XSS) vulnerability in gateway firewall",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T19:32:17.006Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25738"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-22244",
"datePublished": "2025-06-04T19:32:17.006Z",
"dateReserved": "2025-01-02T04:30:06.834Z",
"dateUpdated": "2025-06-04T20:04:30.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31678 (GCVE-0-2022-31678)
Vulnerability from cvelistv5
Published
2022-10-28 00:00
Modified
2025-05-08 16:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- VMware Cloud Foundation contains an XML External Entity (XXE)
Summary
VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Cloud Foundation (NSX-V) |
Version: 3.11 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.053Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0027.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-31678",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T14:59:50.927655Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-08T16:02:58.243Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware Cloud Foundation (NSX-V)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "3.11"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "VMware Cloud Foundation contains an XML External Entity (XXE)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-28T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0027.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-31678",
"datePublished": "2022-10-28T00:00:00.000Z",
"dateReserved": "2022-05-25T00:00:00.000Z",
"dateUpdated": "2025-05-08T16:02:58.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31701 (GCVE-0-2022-31701)
Vulnerability from cvelistv5
Published
2022-12-14 00:00
Modified
2025-04-22 16:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Broken Authentication Vulnerability
Summary
VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM) |
Version: VMware Workspace ONE Access (Multiple Versions) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:26:01.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0032.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-31701",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-22T16:04:18.836197Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-22T16:05:05.601Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Workspace ONE Access (Multiple Versions)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Broken Authentication Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-14T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0032.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2022-31701",
"datePublished": "2022-12-14T00:00:00.000Z",
"dateReserved": "2022-05-25T00:00:00.000Z",
"dateUpdated": "2025-04-22T16:05:05.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22273 (GCVE-0-2024-22273)
Vulnerability from cvelistv5
Published
2024-05-21 17:29
Modified
2025-03-26 16:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds read/write vulnerability
Summary
The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on the hypervisor from a virtual machine in conjunction with other issues.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | VMware ESXi |
Version: 8.0 < ESXi80U2sb-23305545 Version: 7.0 < ESXi70U3sq-23794019 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vmware:fusion:13.x:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "fusion",
"vendor": "vmware",
"versions": [
{
"status": "affected",
"version": "13.x"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:workstation:17.x:*:*:*:*:*:*:*"
],
"defaultStatus": "affected",
"product": "workstation",
"vendor": "vmware",
"versions": [
{
"status": "affected",
"version": "17.x"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cloud_foundation",
"vendor": "vmware",
"versions": [
{
"status": "affected",
"version": "5.x"
},
{
"status": "affected",
"version": "4.x"
}
]
},
{
"cpes": [
"cpe:2.3:o:vmware:esxi:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "esxi",
"vendor": "vmware",
"versions": [
{
"status": "affected",
"version": "0"
},
{
"status": "affected",
"version": "7.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22273",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-22T14:29:07.429312Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-26T16:04:29.446Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware ESXi",
"vendor": "n/a",
"versions": [
{
"lessThan": "ESXi80U2sb-23305545",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3sq-23794019",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux"
],
"product": "VMware Workstation",
"vendor": "n/a",
"versions": [
{
"lessThan": "17.5.1",
"status": "affected",
"version": "17.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "VMware Fusion",
"vendor": "n/a",
"versions": [
{
"lessThan": "13.5.1",
"status": "affected",
"version": "13.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation (ESXi)",
"vendor": "n/a",
"versions": [
{
"lessThan": "5.1.1",
"status": "affected",
"version": "5.x",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability.\u0026nbsp;\u003c/span\u003eA malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on the hypervisor from a virtual machine in conjunction with other issues.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability.\u00a0A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on the hypervisor from a virtual machine in conjunction with other issues."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds read/write vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-21T17:29:05.426Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22273",
"datePublished": "2024-05-21T17:29:05.426Z",
"dateReserved": "2024-01-08T18:43:18.957Z",
"dateUpdated": "2025-03-26T16:04:29.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22249 (GCVE-0-2025-22249)
Vulnerability from cvelistv5
Published
2025-05-13 05:08
Modified
2025-05-13 13:49
Severity ?
VLAI Severity ?
EPSS score ?
Summary
VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | Vmware Aria Automation |
Version: 8.18.x < 8.18.1 patch2 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22249",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-13T13:49:44.097131Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-13T13:49:59.998Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"any"
],
"product": "Vmware Aria Automation",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.18.1 patch2",
"status": "affected",
"version": "8.18.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"any"
],
"product": "VMware Cloud Foundation",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.18.1 patch 2",
"status": "affected",
"version": "5.x",
"versionType": "custom"
},
{
"lessThan": "8.18.1 patch 2",
"status": "affected",
"version": "4.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"any"
],
"product": "VMware Telco Cloud Platform",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.18.1 patch 2",
"status": "affected",
"version": "5.x",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-05-12T10:45:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability.\u0026nbsp;\u003cp\u003eA malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL.\u003c/p\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability.\u00a0A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-13T05:08:03.265Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25711"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMSA-2025-0008: VMware Aria automation updates address a DOM based Cross-site scripting vulnerability (CVE-2025-22249)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-22249",
"datePublished": "2025-05-13T05:08:03.265Z",
"dateReserved": "2025-01-02T04:30:19.929Z",
"dateUpdated": "2025-05-13T13:49:59.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22025 (GCVE-0-2021-22025)
Vulnerability from cvelistv5
Published
2021-08-30 17:54
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Broken access control vulnerability
Summary
The vRealize Operations Manager API (8.x prior to 8.5) contains a broken access control vulnerability leading to unauthenticated API access. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can add new nodes to existing vROps cluster.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vRealize Operations |
Version: VMware vRealize Operations (8.x prior to 8.5) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vRealize Operations",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vRealize Operations (8.x prior to 8.5)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) contains a broken access control vulnerability leading to unauthenticated API access. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can add new nodes to existing vROps cluster."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Broken access control vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-30T17:54:41",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22025",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vRealize Operations",
"version": {
"version_data": [
{
"version_value": "VMware vRealize Operations (8.x prior to 8.5)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) contains a broken access control vulnerability leading to unauthenticated API access. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can add new nodes to existing vROps cluster."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Broken access control vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22025",
"datePublished": "2021-08-30T17:54:41",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3968 (GCVE-0-2020-3968)
Vulnerability from cvelistv5
Published
2020-06-25 14:43
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds write vulnerability
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI). A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to crash the virtual machine's vmx process leading to a denial of service condition or execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | VMware ESXi |
Version: 7.0 before ESXi_7.0.0-1.20.16321839 Version: 6.7 before ESXi670-202004101-SG Version: 6.5 before ESXi650-202005401-SG |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-781/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"status": "affected",
"version": "6.7 before ESXi670-202004101-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-202005401-SG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "15.x before 15.5.5"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x before 11.5.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI). A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to crash the virtual machine\u0027s vmx process leading to a denial of service condition or execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker\u0027s control must be present for exploitation to be possible."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds write vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-30T15:06:03",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-781/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3968",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware ESXi",
"version": {
"version_data": [
{
"version_value": "7.0 before ESXi_7.0.0-1.20.16321839"
},
{
"version_value": "6.7 before ESXi670-202004101-SG"
},
{
"version_value": "6.5 before ESXi650-202005401-SG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.5.5"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.5.5"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI). A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to crash the virtual machine\u0027s vmx process leading to a denial of service condition or execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker\u0027s control must be present for exploitation to be possible."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-781/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-781/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3968",
"datePublished": "2020-06-25T14:43:59",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.492Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22023 (GCVE-0-2021-22023)
Vulnerability from cvelistv5
Published
2021-08-30 17:53
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Insecure direct object reference vulnerability
Summary
The vRealize Operations Manager API (8.x prior to 8.5) has insecure object reference vulnerability. A malicious actor with administrative access to vRealize Operations Manager API may be able to modify other users information leading to an account takeover.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vRealize Operations |
Version: VMware vRealize Operations (8.x prior to 8.5) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.936Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vRealize Operations",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vRealize Operations (8.x prior to 8.5)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) has insecure object reference vulnerability. A malicious actor with administrative access to vRealize Operations Manager API may be able to modify other users information leading to an account takeover."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Insecure direct object reference vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-30T17:53:35",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22023",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vRealize Operations",
"version": {
"version_data": [
{
"version_value": "VMware vRealize Operations (8.x prior to 8.5)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) has insecure object reference vulnerability. A malicious actor with administrative access to vRealize Operations Manager API may be able to modify other users information leading to an account takeover."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insecure direct object reference vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22023",
"datePublished": "2021-08-30T17:53:35",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22027 (GCVE-0-2021-22027)
Vulnerability from cvelistv5
Published
2021-08-30 17:54
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Server Side Request Forgery
Summary
The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vRealize Operations |
Version: VMware vRealize Operations (8.x prior to 8.5) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.955Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vRealize Operations",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware vRealize Operations (8.x prior to 8.5)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Server Side Request Forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-30T17:54:39",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22027",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vRealize Operations",
"version": {
"version_data": [
{
"version_value": "VMware vRealize Operations (8.x prior to 8.5)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Server Side Request Forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22027",
"datePublished": "2021-08-30T17:54:40",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37080 (GCVE-0-2024-37080)
Vulnerability from cvelistv5
Published
2024-06-18 05:43
Modified
2025-03-13 14:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-overflow vulnerability
Summary
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | n/a | VMware vCenter Server |
Version: 8.0 < 8.0 U2d Version: 8.0 < 8.0 U1e Version: 7.0 < 7.0 U3r |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:vmware:cloud_foundation:4.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cloud_foundation",
"vendor": "vmware",
"versions": [
{
"lessThan": "6.0",
"status": "affected",
"version": "4.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:vcenter_server:8.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "vcenter_server",
"vendor": "vmware",
"versions": [
{
"lessThan": "8.0u2d",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "8.0u1e",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vcenter_server",
"vendor": "vmware",
"versions": [
{
"lessThan": "7.0u3r",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37080",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-30T03:55:59.700292Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T14:42:40.974Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.978Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VMware vCenter Server",
"vendor": "n/a",
"versions": [
{
"lessThan": "8.0 U2d",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "8.0 U1e",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "7.0 U3r",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "5.x"
},
{
"status": "affected",
"version": "4.x"
}
]
}
],
"datePublic": "2024-06-17T16:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003evCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. \u003c/span\u003eA malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-overflow vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-18T05:43:10.901Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-37080",
"datePublished": "2024-06-18T05:43:10.901Z",
"dateReserved": "2024-06-03T05:40:17.631Z",
"dateUpdated": "2025-03-13T14:42:40.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20864 (GCVE-0-2023-20864)
Vulnerability from cvelistv5
Published
2023-04-20 00:00
Modified
2025-02-05 15:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- VMware Aria Operations for Logs contains a deserialization vulnerability
Summary
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware Aria Operations for Logs (formerly vRealize Log Insight) |
Version: VMware Aria Operations for Logs (formerly vRealize Log Insight) 8.10.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:21:33.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0007.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-20864",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T15:26:56.179058Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T15:28:19.391Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "VMware Aria Operations for Logs (formerly vRealize Log Insight)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Aria Operations for Logs (formerly vRealize Log Insight) 8.10.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "VMware Aria Operations for Logs contains a deserialization vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-20T00:00:00.000Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0007.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2023-20864",
"datePublished": "2023-04-20T00:00:00.000Z",
"dateReserved": "2022-11-01T00:00:00.000Z",
"dateUpdated": "2025-02-05T15:28:19.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22033 (GCVE-0-2021-22033)
Vulnerability from cvelistv5
Published
2021-10-13 15:42
Modified
2024-08-03 18:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- SSRF
Summary
Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | VMware vRealize Operations |
Version: Releases prior to VMware vRealize Operations 8.6 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:30:23.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VMware vRealize Operations",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Releases prior to VMware vRealize Operations 8.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SSRF",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-13T15:42:58",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0021.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2021-22033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware vRealize Operations",
"version": {
"version_data": [
{
"version_value": "Releases prior to VMware vRealize Operations 8.6"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SSRF"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0021.html",
"refsource": "MISC",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0021.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2021-22033",
"datePublished": "2021-10-13T15:42:58",
"dateReserved": "2021-01-04T00:00:00",
"dateUpdated": "2024-08-03T18:30:23.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2021-10-13 16:15
Modified
2024-11-21 05:49
Severity ?
Summary
VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log Insight which could be executed in user's environment.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0022.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0022.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vrealize_log_insight | * | |
| vmware | vrealize_suite_lifecycle_manager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67763E17-BABE-4A25-95BC-2B5F1666705C",
"versionEndIncluding": "4.3.1",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_log_insight:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BECE8925-3981-4FB9-979E-CDFC1A55A13F",
"versionEndExcluding": "8.60",
"versionStartExcluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "61B2C07D-4AD4-458B-86CA-FB2CA45A8EA7",
"versionEndIncluding": "8.2",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log Insight which could be executed in user\u0027s environment."
},
{
"lang": "es",
"value": "VMware vRealize Log Insight (versiones 8.x anteriores a 8.6) contienen una vulnerabilidad de inyecci\u00f3n de CSV (Valores Separados por Comas) en la funci\u00f3n interactive analytics export. Un actor malicioso autenticado con privilegios no administrativos puede ser capaz de insertar datos no confiables antes de exportar una hoja CSV mediante Log Insight que podr\u00eda ser ejecutada en el entorno del usuario"
}
],
"id": "CVE-2021-22035",
"lastModified": "2024-11-21T05:49:28.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-13T16:15:07.690",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0022.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-22 19:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "127DEE95-0B04-4A98-B96A-15CC253C7357",
"versionEndExcluding": "3.10.2.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "722CF000-C0A1-4704-BDC6-3446D1530F3B",
"versionEndExcluding": "4.3",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*",
"matchCriteriaId": "CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*",
"matchCriteriaId": "1DD16169-A7DF-4604-888C-156A60018E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*",
"matchCriteriaId": "46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*",
"matchCriteriaId": "D26534EB-327B-4ED6-A3E1-005552CB1F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*",
"matchCriteriaId": "786CDD50-7E18-4437-8DB9-2D0ADECD436E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*",
"matchCriteriaId": "B2CE8DAE-0E78-4004-983D-1ECD8855EC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*",
"matchCriteriaId": "7E51F433-1152-4E94-AF77-970230B1A574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1b:*:*:*:*:*:*",
"matchCriteriaId": "0064D104-E0D8-481A-9029-D3726A1A9CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1c:*:*:*:*:*:*",
"matchCriteriaId": "9B4D3F61-6CD9-411F-A205-EB06A57EBB4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*",
"matchCriteriaId": "F72A1E9C-F960-4E8C-A46C-B38209E6349E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*",
"matchCriteriaId": "2C33CE46-F529-4EA9-9344-6ED3BFA7019D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*",
"matchCriteriaId": "9F1D8161-0E02-45C9-BF61-14799AB65E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "1F2CB1FF-6118-4875-945D-07BAA3A21FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*",
"matchCriteriaId": "1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*",
"matchCriteriaId": "BDDC6510-3116-4578-80C8-8EF044A8370A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*",
"matchCriteriaId": "8678DB48-CB98-4E4C-ADE6-CABA73265FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*",
"matchCriteriaId": "DBD9A341-1FBF-4E04-848B-550DEB27261A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "4955663C-1BB6-4F3E-9D4B-362DF144B7F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*",
"matchCriteriaId": "CE0F8453-3D6C-4F1C-9167-3F02E3D905DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*",
"matchCriteriaId": "0EAD4045-A7F9-464F-ABB9-3782941162CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*",
"matchCriteriaId": "2F0A79C2-33AE-40C5-A853-770A4C691F29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3n:*:*:*:*:*:*",
"matchCriteriaId": "D8BB6CBC-11D6-40A4-ABAF-53AB9BED5A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3p:*:*:*:*:*:*",
"matchCriteriaId": "26A3EC15-8C04-49AD-9045-4D9FADBD50CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EEF33103-ECDD-427B-A445-2D7F90202FCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*",
"matchCriteriaId": "5241C282-A02B-44B2-B6CA-BA3A99F9737C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*",
"matchCriteriaId": "04A60AC7-C2EA-4DBF-9743-54D708584AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*",
"matchCriteriaId": "8A91B0C4-F184-459E-AFD3-DE0E351CC964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*",
"matchCriteriaId": "23253631-2655-48A8-9B00-CB984232329C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*",
"matchCriteriaId": "50C2A9A8-0E66-4702-BCD4-74622108E7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*",
"matchCriteriaId": "EE4D3E2A-C32D-408F-B811-EF8BC86F0D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*",
"matchCriteriaId": "31CA7802-D78D-4BAD-A45A-68B601C010C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*",
"matchCriteriaId": "3B98981B-4721-4752-BAB4-361DB5AEB86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*",
"matchCriteriaId": "04487105-980A-4943-9360-4442BF0411E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*",
"matchCriteriaId": "24D24E06-EB3F-4F11-849B-E66757B01466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*",
"matchCriteriaId": "8AF12716-88E2-44B5-ACD7-BCBECA130FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*",
"matchCriteriaId": "3352212C-E820-47B3-BDF5-57018F5B9E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*",
"matchCriteriaId": "6436ADFD-6B94-4D2A-B09B-CED4EC6CA276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*",
"matchCriteriaId": "D06832CE-F946-469D-B495-6735F18D02A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3l:*:*:*:*:*:*",
"matchCriteriaId": "726AC46D-9EA8-4FE8-94B8-0562935458F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3m:*:*:*:*:*:*",
"matchCriteriaId": "0243D22F-1591-4A95-A7FE-2658CEE0C08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3n:*:*:*:*:*:*",
"matchCriteriaId": "02AE5983-CD14-4EAF-9F5C-1281E3DE7F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash)."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de escalada de privilegios local debido a la forma en que maneja los tokens de sesi\u00f3n. Un actor malicioso con acceso de usuario no administrativo en el host de vCenter Server puede explotar este problema para escalar los privilegios a administrador en vSphere Client (HTML5) o vCenter Server vSphere Web Client (FLEX/Flash)"
}
],
"id": "CVE-2021-21991",
"lastModified": "2024-11-21T05:49:23.853",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-22T19:15:09.093",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-07-11 05:15
Modified
2025-03-14 19:15
Severity ?
8.5 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
VMware Aria Automation does not apply correct input validation which allows for SQL-injection in the product. An authenticated malicious user could enter specially crafted SQL queries and perform unauthorised read/write operations in the database.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24598 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24598 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_automation | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4AF63A2-3926-40AD-B8EF-091B01ADE7F7",
"versionEndExcluding": "8.17.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D725D84-6426-459F-9B49-ADE7A13FA19A",
"versionEndIncluding": "5.0",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Automation does not apply correct input validation which allows for SQL-injection in the product.\u00a0An authenticated malicious user could enter specially crafted SQL queries and perform unauthorised read/write operations in the database."
},
{
"lang": "es",
"value": "VMware Aria Automation no aplica la validaci\u00f3n de entrada correcta que permite la inyecci\u00f3n de SQL en el producto. Un usuario malintencionado autenticado podr\u00eda ingresar consultas SQL especialmente manipuladas y realizar operaciones de lectura/escritura no autorizadas en la base de datos."
}
],
"id": "CVE-2024-22280",
"lastModified": "2025-03-14T19:15:44.857",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 4.7,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-07-11T05:15:10.123",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24598"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24598"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-25 15:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the EHCI USB controller. A malicious actor with local access to a virtual machine may be able to read privileged information contained in the hypervisor's memory. Additional conditions beyond the attacker's control need to be present for exploitation to be possible.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | http://seclists.org/fulldisclosure/2020/Jul/22 | Mailing List, Third Party Advisory | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2020/Jul/22 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | fusion | * | |
| vmware | workstation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F22BFA96-7E07-4E05-90A4-45A2F2FC2064",
"versionEndExcluding": "3.10",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02A5A8AC-4C6C-4E95-B730-00783FB79DFF",
"versionEndExcluding": "4.0.1",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7448F9A-9D9B-47BC-ACD1-18199A70D148",
"versionEndExcluding": "11.5.2",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A3302D-706B-4260-8407-121D7C2F0867",
"versionEndExcluding": "15.5.2",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "70F4DA98-C1D3-489E-958C-B466BEAD772B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the EHCI USB controller. A malicious actor with local access to a virtual machine may be able to read privileged information contained in the hypervisor\u0027s memory. Additional conditions beyond the attacker\u0027s control need to be present for exploitation to be possible."
},
{
"lang": "es",
"value": "VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.0-1.20.16321839, versiones 6.7 anteriores a ESXi670-202006401-SG y versiones 6.5 anteriores a ESXi650-202005401-SG), Workstation (versiones 15.x anteriores a 15.5.2) y Fusion (versiones 11.x anteriores a 11.5. 2), contiene una filtraci\u00f3n de informaci\u00f3n en el controlador USB EHCI. Un actor malicioso con acceso local a una m\u00e1quina virtual puede ser capaz de leer informaci\u00f3n privilegiada contenida en la memoria del hipervisor. Las condiciones adicionales m\u00e1s all\u00e1 del control del atacante deben estar presentes para que la explotaci\u00f3n pueda ser posible"
}
],
"id": "CVE-2020-3964",
"lastModified": "2024-11-21T05:32:04.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-25T15:15:11.117",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html"
},
{
"source": "security@vmware.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Jul/22"
},
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Jul/22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 12:15
Modified
2024-11-21 05:49
Severity ?
Summary
vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de endpoint de API no autenticada en vCenter Server Content Library. Un actor malicioso con acceso de red al puerto 443 en vCenter Server puede explotar este problema para llevar a cabo una manipulaci\u00f3n no autenticada de la configuraci\u00f3n de red de las M\u00e1quinas Virtuales"
}
],
"id": "CVE-2021-22011",
"lastModified": "2024-11-21T05:49:26.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T12:15:07.990",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-20 21:15
Modified
2024-11-21 06:47
Severity ?
Summary
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | identity_manager | 3.3.3 | |
| vmware | identity_manager | 3.3.4 | |
| vmware | identity_manager | 3.3.5 | |
| vmware | identity_manager | 3.3.6 | |
| vmware | vrealize_automation | 7.6 | |
| vmware | workspace_one_access | 20.10.0.0 | |
| vmware | workspace_one_access | 20.10.0.1 | |
| vmware | workspace_one_access | 21.08.0.0 | |
| vmware | workspace_one_access | 21.08.0.1 | |
| linux | linux_kernel | - | |
| vmware | cloud_foundation | 3.0 | |
| vmware | cloud_foundation | 3.0.1 | |
| vmware | cloud_foundation | 3.0.1.1 | |
| vmware | cloud_foundation | 3.5 | |
| vmware | cloud_foundation | 3.5.1 | |
| vmware | cloud_foundation | 3.7 | |
| vmware | cloud_foundation | 3.7.1 | |
| vmware | cloud_foundation | 3.7.2 | |
| vmware | cloud_foundation | 3.8 | |
| vmware | cloud_foundation | 3.8.1 | |
| vmware | cloud_foundation | 3.9 | |
| vmware | cloud_foundation | 3.9.1 | |
| vmware | cloud_foundation | 3.10 | |
| vmware | cloud_foundation | 3.10.1 | |
| vmware | cloud_foundation | 3.10.1.1 | |
| vmware | cloud_foundation | 3.10.1.2 | |
| vmware | cloud_foundation | 3.10.2.1 | |
| vmware | cloud_foundation | 3.10.2.2 | |
| vmware | cloud_foundation | 3.11 | |
| vmware | cloud_foundation | 3.11.0.1 | |
| vmware | cloud_foundation | 4.0 | |
| vmware | cloud_foundation | 4.0.1 | |
| vmware | cloud_foundation | 4.1 | |
| vmware | cloud_foundation | 4.1.0.1 | |
| vmware | cloud_foundation | 4.2 | |
| vmware | cloud_foundation | 4.2.1 | |
| vmware | cloud_foundation | 4.3 | |
| vmware | cloud_foundation | 4.3.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.0 | |
| vmware | vrealize_suite_lifecycle_manager | 8.0.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.2 | |
| vmware | vrealize_suite_lifecycle_manager | 8.2 | |
| vmware | vrealize_suite_lifecycle_manager | 8.2 | |
| vmware | vrealize_suite_lifecycle_manager | 8.2 | |
| vmware | vrealize_suite_lifecycle_manager | 8.3 | |
| vmware | vrealize_suite_lifecycle_manager | 8.3 | |
| vmware | vrealize_suite_lifecycle_manager | 8.3 | |
| vmware | vrealize_suite_lifecycle_manager | 8.3 | |
| vmware | vrealize_suite_lifecycle_manager | 8.4 | |
| vmware | vrealize_suite_lifecycle_manager | 8.4 | |
| vmware | vrealize_suite_lifecycle_manager | 8.4.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.4.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.4.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.4.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.6 | |
| vmware | vrealize_suite_lifecycle_manager | 8.6 | |
| vmware | vrealize_suite_lifecycle_manager | 8.6.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.6.2 | |
| vmware | vrealize_suite_lifecycle_manager | 8.7 | |
| vmware | vrealize_suite_lifecycle_manager | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97D98937-489B-4AA5-B99E-9AB639C582CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0E93CB5E-CB4A-474A-9901-2E098928C489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A215A7D-F644-41DE-AB4E-69145DA48F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBB8190-2101-4EE5-844E-B46E7FB78FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_automation:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "471BB5AF-3744-45FE-937D-BBEC421035EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "639F6029-DE62-49BD-A767-C5D499389C37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88AD029C-7707-4F1E-BE7F-2DE27D384538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57375AD7-8042-472F-B49E-653C77EAFA48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC3DC465-1FA7-4F5B-9A9A-12F8FB4CE146",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA79AC0-A0CC-4EE6-AEF5-9B8C8EA2C9F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEACD8D-30EF-44FE-839B-DA69E6CED23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36847AD6-88CC-4228-AB4E-5161B381267C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC3C214-DEFC-48D9-8728-31F19095375E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF5CF56-8DE1-42F5-9EC1-E5666DD7FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36668618-33C3-460A-879B-A9741405C9D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8266FD66-3BB6-4720-9D9F-06EFB38FA4B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D4C25D3-BC49-4727-B7A2-28C0F2E647EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E9AB6FF-D508-42FF-8FB9-24B96AE2F03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "328785AE-390C-4CA2-9771-4A26387E4E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298B797F-C3B6-445C-AADB-8633B446F10F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F97BA12F-A60D-4398-9CA8-DE2F7BACBA8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E19009EB-02D3-424A-947D-7B66EFCCE422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "89656A51-0840-4A27-B05B-7E54B0CF0521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11C27637-44C5-4678-AF19-82E6CB9B15E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D26128AF-864F-403E-A491-437FEC0BE1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A8D11F7-A6C1-4E9A-A288-B90B90B0CAB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2DDABB-1590-4AE7-B96D-BB7FB209582D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6A79A33F-A1FF-438F-BC77-94ACC45F5488",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "42DF0955-2FDD-46BF-9932-AF2C8F8A7599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "25759430-C6E1-45F9-B149-3091730CCB77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38EB0C0C-56CF-4A8F-A36F-E0E180B9059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A54544F5-5929-4609-A91C-FCA0FDBFE862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA6D6348-E71A-4DA4-AC84-51397B2461A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8EC0B43-8667-45D6-BF97-03DDFFAD2AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E841E8EF-9500-4937-BAC4-8AB76C96A3EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4C5700-1AFE-49F6-AC92-09F2349345ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B23891F3-08B7-480B-9B83-81381E33212F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC07793-6DB1-4ACD-976D-A370FFAE505A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3318D91-40AC-4649-8FCD-4557C8F934B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A06C29AB-1EAF-43EF-96C3-9E3468911B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43723EC2-295E-4AF7-B654-70F9E42F4807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB84C30-EE5D-4C15-A74E-7B2B3E0DED4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:patch1:*:*:*:*:*:*",
"matchCriteriaId": "FD4A0BCE-E22E-419E-9CC0-7D535CC49E02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:patch2:*:*:*:*:*:*",
"matchCriteriaId": "80868C66-E615-47E3-BA67-152FE833A10B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:patch3:*:*:*:*:*:*",
"matchCriteriaId": "7DF3AFD0-1DDD-4F9D-BD33-85978CF101ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E80F36FA-EE84-47BE-95EB-17B49FBCC86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "85854D70-E8A1-4AD9-872B-8D9BEEB7FAFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.3:patch2:*:*:*:*:*:*",
"matchCriteriaId": "9CF575E5-0FB4-4EC6-AE02-0565A976B98B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.3:patch3:*:*:*:*:*:*",
"matchCriteriaId": "A99C818B-7215-4422-87C4-D500F6931442",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3617E4AC-630F-4AF2-855A-872AD2ECC3A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4:patch1:*:*:*:*:*:*",
"matchCriteriaId": "969F3DA5-A0C3-4F30-B786-46BCC280D6D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B8D22C-1C36-4125-9C58-1C2472EF64F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "356479A9-C5F9-4714-A29A-464FE738F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "95D8DEAC-50BF-4B1B-B3EC-E9D54EEC0755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4.1:patch3:*:*:*:*:*:*",
"matchCriteriaId": "B16A6A96-C904-416F-A4D3-FB22CAC07610",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "73825FF7-AFD1-4948-ABB7-0E73D4AC72C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.6:patch1:*:*:*:*:*:*",
"matchCriteriaId": "3BAC746E-7897-4ED0-8120-2953A5CECF1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A07377B1-9536-4EDE-AA25-FAD474855711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D0DF26D0-EBCD-4E35-9218-74B56DCB7A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F065F309-E25C-4CB2-85DD-98ED3648B069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1E88B150-4BB0-40FC-9333-737C97BADE09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate."
},
{
"lang": "es",
"value": "VMware Workspace ONE Access, Identity Manager y vRealize Automation contienen una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n que afecta a usuarios del dominio local. Un actor malicioso con acceso de red a la interfaz de usuario puede obtener acceso administrativo sin necesidad de autenticarse"
}
],
"id": "CVE-2022-22972",
"lastModified": "2024-11-21T06:47:43.177",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-20T21:15:09.847",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0014.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-30 18:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary file read vulnerability. A malicious actor with administrative access to vRealize Operations Manager API can read any arbitrary file on server leading to information disclosure.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0018.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0018.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | vrealize_operations_manager | * | |
| vmware | vrealize_operations_manager | 7.5.0 | |
| vmware | vrealize_suite_lifecycle_manager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE39D06C-8AF4-4978-BCFD-80FB0A36C93A",
"versionEndIncluding": "3.10.2.1",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6A3FA17-BA09-499D-BAC7-053B380DF443",
"versionEndIncluding": "4.2.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B12F2BE9-8DA7-4BF0-85C0-0B5D6C4532A8",
"versionEndExcluding": "8.5.0",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC6471F-2FB5-4C7A-9B5D-0B08A8E2C08C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4767C7D-8165-43A6-8F16-12F8EE65FDFB",
"versionEndIncluding": "8.2",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary file read vulnerability. A malicious actor with administrative access to vRealize Operations Manager API can read any arbitrary file on server leading to information disclosure."
},
{
"lang": "es",
"value": "La API de vRealize Operations Manager ( versiones 8.x anteriores a 8.5), contiene una vulnerabilidad de lectura arbitraria de archivos. Un actor malicioso con acceso administrativo a la API de vRealize Operations Manager puede leer cualquier archivo arbitrario en el servidor, conllevando a una divulgaci\u00f3n de informaci\u00f3n.\n"
}
],
"id": "CVE-2021-22022",
"lastModified": "2024-11-21T05:49:27.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-30T18:15:08.230",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-18 06:15
Modified
2025-03-14 14:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CC974CA1-88D3-42E4-BF1F-28870F8171B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "EFE63984-F69B-4593-9AEC-D179D6D98B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "34D1F3B3-8E3F-4E4D-8EE6-2F593663B5CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "16F3D992-9F48-4604-9AAF-DC2D1CE98BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "C745A7E6-4760-48CD-B7C4-1C2C20217F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "A5522514-8ED9-45DB-9036-33FE40D77E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1b:*:*:*:*:*:*",
"matchCriteriaId": "8C27C660-E917-4944-8B4C-41D9622B76D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "56CFB469-B3E6-4503-A47C-D18206D4D19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "67024A43-9E13-4F4E-B711-731792DA3840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "604F559F-1775-4F29-996E-9079B99345B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "61DC9400-5AEE-49AC-9925-0A96E32BD8C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "98C1B77E-AB0E-4E8A-8294-2D3D230CDF9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "8EC8BEF1-7908-46C0-841A-834778D1A863",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "188E103E-9568-4CE0-A984-141B2A9E82D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*",
"matchCriteriaId": "B266439F-E911-4C95-9D27-88DF96DDCCD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "6508A908-EF14-4A72-AC75-5DA6F8B98A0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*",
"matchCriteriaId": "3BAD2012-5C82-4EA9-A780-9BF1DA5A18AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*",
"matchCriteriaId": "58597F18-0B23-4D21-9ABA-D9773958F10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*",
"matchCriteriaId": "ADF46C54-313B-4742-A074-EEA0A6554680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*",
"matchCriteriaId": "9587F800-57BC-44B6-870E-95691684FC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:*",
"matchCriteriaId": "AD148A75-5076-416D-AFD6-0F281DA0A82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:*",
"matchCriteriaId": "956CEA8C-F8C4-41BD-85B4-44FE3A772E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:*",
"matchCriteriaId": "008AEA0F-116B-4AF8-B3A7-3041CCE25235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3i:*:*:*:*:*:*",
"matchCriteriaId": "EE486B2F-AED4-4FCE-A674-DFC25844FEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3j:*:*:*:*:*:*",
"matchCriteriaId": "4F73AA9E-51E9-4FA0-813D-AD05FDC3EF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3k:*:*:*:*:*:*",
"matchCriteriaId": "455DD46E-A071-476D-8914-767485E45F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3l:*:*:*:*:*:*",
"matchCriteriaId": "3A422D04-48DF-4A16-94F8-D5702CC2782D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3m:*:*:*:*:*:*",
"matchCriteriaId": "806E9219-CDF4-4E62-978E-334E96A94BA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3n:*:*:*:*:*:*",
"matchCriteriaId": "34D8B182-4E71-4655-8DD8-743A3EF6DC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3o:*:*:*:*:*:*",
"matchCriteriaId": "8D8F6CC7-6B6D-4079-9E2C-A85C4616FF92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3p:*:*:*:*:*:*",
"matchCriteriaId": "A814F0AB-4AEB-4139-976F-425A4A9EC67B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "188E103E-9568-4CE0-A984-141B2A9E82D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*",
"matchCriteriaId": "B266439F-E911-4C95-9D27-88DF96DDCCD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "6508A908-EF14-4A72-AC75-5DA6F8B98A0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*",
"matchCriteriaId": "3BAD2012-5C82-4EA9-A780-9BF1DA5A18AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*",
"matchCriteriaId": "58597F18-0B23-4D21-9ABA-D9773958F10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*",
"matchCriteriaId": "ADF46C54-313B-4742-A074-EEA0A6554680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*",
"matchCriteriaId": "9587F800-57BC-44B6-870E-95691684FC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:*",
"matchCriteriaId": "AD148A75-5076-416D-AFD6-0F281DA0A82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:*",
"matchCriteriaId": "956CEA8C-F8C4-41BD-85B4-44FE3A772E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:*",
"matchCriteriaId": "008AEA0F-116B-4AF8-B3A7-3041CCE25235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3i:*:*:*:*:*:*",
"matchCriteriaId": "EE486B2F-AED4-4FCE-A674-DFC25844FEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3j:*:*:*:*:*:*",
"matchCriteriaId": "4F73AA9E-51E9-4FA0-813D-AD05FDC3EF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3k:*:*:*:*:*:*",
"matchCriteriaId": "455DD46E-A071-476D-8914-767485E45F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3l:*:*:*:*:*:*",
"matchCriteriaId": "3A422D04-48DF-4A16-94F8-D5702CC2782D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3m:*:*:*:*:*:*",
"matchCriteriaId": "806E9219-CDF4-4E62-978E-334E96A94BA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3n:*:*:*:*:*:*",
"matchCriteriaId": "34D8B182-4E71-4655-8DD8-743A3EF6DC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3o:*:*:*:*:*:*",
"matchCriteriaId": "8D8F6CC7-6B6D-4079-9E2C-A85C4616FF92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3p:*:*:*:*:*:*",
"matchCriteriaId": "A814F0AB-4AEB-4139-976F-425A4A9EC67B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CC974CA1-88D3-42E4-BF1F-28870F8171B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "EFE63984-F69B-4593-9AEC-D179D6D98B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "34D1F3B3-8E3F-4E4D-8EE6-2F593663B5CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "16F3D992-9F48-4604-9AAF-DC2D1CE98BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "C745A7E6-4760-48CD-B7C4-1C2C20217F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "A5522514-8ED9-45DB-9036-33FE40D77E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1b:*:*:*:*:*:*",
"matchCriteriaId": "8C27C660-E917-4944-8B4C-41D9622B76D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "56CFB469-B3E6-4503-A47C-D18206D4D19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "67024A43-9E13-4F4E-B711-731792DA3840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "604F559F-1775-4F29-996E-9079B99345B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "61DC9400-5AEE-49AC-9925-0A96E32BD8C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "98C1B77E-AB0E-4E8A-8294-2D3D230CDF9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "8EC8BEF1-7908-46C0-841A-834778D1A863",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8DFE6-9C74-4711-A8AF-3B170876A1F9",
"versionEndExcluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de desbordamiento de mont\u00f3n en la implementaci\u00f3n del protocolo DCERPC. Un actor malintencionado con acceso a la red de vCenter Server puede desencadenar esta vulnerabilidad al enviar un paquete de red especialmente manipulado que podr\u00eda conducir a la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"id": "CVE-2024-37079",
"lastModified": "2025-03-14T14:15:16.010",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-18T06:15:11.350",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-25 15:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI). A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to crash the virtual machine's vmx process leading to a denial of service condition or execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory | |
| security@vmware.com | https://www.zerodayinitiative.com/advisories/ZDI-20-781/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-20-781/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | fusion | * | |
| vmware | workstation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F22BFA96-7E07-4E05-90A4-45A2F2FC2064",
"versionEndExcluding": "3.10",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02A5A8AC-4C6C-4E95-B730-00783FB79DFF",
"versionEndExcluding": "4.0.1",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD44672-26F4-4B0F-933E-C929B32E3C9E",
"versionEndExcluding": "11.5.5",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEDE60F7-0DD8-43BD-9780-40058AFDB073",
"versionEndExcluding": "15.5.5",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "70F4DA98-C1D3-489E-958C-B466BEAD772B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI). A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to crash the virtual machine\u0027s vmx process leading to a denial of service condition or execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker\u0027s control must be present for exploitation to be possible."
},
{
"lang": "es",
"value": "VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.0-1.20.16321839, versiones 6.7 anteriores a ESXi670-202004101-SG y versiones 6.5 anteriores a ESXi650-202005401-SG), Workstation (versiones 15.x anteriores a 15.5.5) y Fusion (versiones 11.x anteriores a 11.5. 5), contienen una vulnerabilidad de escritura fuera de l\u00edmites en el controlador USB 3.0 (xHCI). Un actor malicioso con privilegios administrativos locales en una m\u00e1quina virtual puede ser capaz de explotar este problema para bloquear el proceso vmx de la m\u00e1quina virtual que conlleva a una condici\u00f3n de denegaci\u00f3n de servicio o ejecutar c\u00f3digo en el hipervisor desde una m\u00e1quina virtual. Unas condiciones adicionales m\u00e1s all\u00e1 del control del atacante deben estar presentes para que la explotaci\u00f3n pueda ser posible"
}
],
"id": "CVE-2020-3968",
"lastModified": "2024-11-21T05:32:04.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-25T15:15:11.383",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-781/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-781/"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 12:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains a local information disclosure vulnerability in the Analytics service. An authenticated user with non-administrative privilege may exploit this issue to gain access to sensitive information.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a local information disclosure vulnerability in the Analytics service. An authenticated user with non-administrative privilege may exploit this issue to gain access to sensitive information."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n local en el servicio Analytics. Un usuario autenticado con privilegios no administrativos puede explotar este problema para conseguir acceso a informaci\u00f3n confidencial"
}
],
"id": "CVE-2021-22007",
"lastModified": "2024-11-21T05:49:25.760",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T12:15:07.803",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-25 15:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a use-after-free vulnerability in PVNVRAM. A malicious actor with local access to a virtual machine may be able to read privileged information contained in physical memory.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | http://seclists.org/fulldisclosure/2020/Jul/22 | Exploit, Mailing List, Third Party Advisory | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2020/Jul/22 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | fusion | * | |
| vmware | workstation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F22BFA96-7E07-4E05-90A4-45A2F2FC2064",
"versionEndExcluding": "3.10",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02A5A8AC-4C6C-4E95-B730-00783FB79DFF",
"versionEndExcluding": "4.0.1",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7448F9A-9D9B-47BC-ACD1-18199A70D148",
"versionEndExcluding": "11.5.2",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A3302D-706B-4260-8407-121D7C2F0867",
"versionEndExcluding": "15.5.2",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "70F4DA98-C1D3-489E-958C-B466BEAD772B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a use-after-free vulnerability in PVNVRAM. A malicious actor with local access to a virtual machine may be able to read privileged information contained in physical memory."
},
{
"lang": "es",
"value": "VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.0-1.20.16321839, versiones 6.7 anteriores a ESXi670-202006401-SG y versiones 6.5 anteriores a ESXi650-202005401-SG), Workstation (versiones 15.x anteriores a 15.5.2) y Fusion (versiones 11.x anteriores a 11.5. 2), contiene una vulnerabilidad de uso de la memoria previamente liberada en PVNVRAM. Un actor malicioso con acceso local a una m\u00e1quina virtual puede ser capaz de leer informaci\u00f3n privilegiada contenida en la memoria f\u00edsica"
}
],
"id": "CVE-2020-3963",
"lastModified": "2024-11-21T05:32:04.127",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-25T15:15:11.053",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html"
},
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Jul/22"
},
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Jul/22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 12:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n debido a una API de administraci\u00f3n de dispositivos no autenticada. Un actor malicioso con acceso de red al puerto 443 de vCenter Server puede explotar este problema para conseguir acceso a informaci\u00f3n confidencial"
}
],
"id": "CVE-2021-22012",
"lastModified": "2024-11-21T05:49:26.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T12:15:08.037",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-14 19:15
Modified
2025-04-22 16:15
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | access | 21.08.0.0 | |
| vmware | access | 21.08.0.1 | |
| vmware | access | 22.09.0.0 | |
| vmware | cloud_foundation | * | |
| vmware | identity_manager_connector | 3.3.6 | |
| linux | linux_kernel | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:access:21.08.0.0:*:*:*:*:linux:*:*",
"matchCriteriaId": "58F8802F-BE7F-4908-BD92-2576238798D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:access:21.08.0.1:*:*:*:*:linux:*:*",
"matchCriteriaId": "B7145A8C-7716-4839-8707-05765687447B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:access:22.09.0.0:*:*:*:*:linux:*:*",
"matchCriteriaId": "71EE79BE-E945-4BD7-99D7-0CC2EE4C9CCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "067E304C-26C2-4527-AE53-91B43DA33303",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:identity_manager_connector:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "004A7497-2D06-4D8D-9C82-C0D774101326",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3."
},
{
"lang": "es",
"value": "VMware Workspace ONE Access and Identity Manager contiene una vulnerabilidad de autenticaci\u00f3n rota. VMware ha evaluado la gravedad de este problema en el rango de gravedad moderada con una puntuaci\u00f3n base CVSSv3 m\u00e1xima de 5.3."
}
],
"id": "CVE-2022-31701",
"lastModified": "2025-04-22T16:15:30.100",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-12-14T19:15:12.950",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0032.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-16 17:15
Modified
2024-11-21 05:49
Severity ?
Summary
VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0004.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0004.html | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBED072F-DE79-41C6-AD4F-02E10BD27FBD",
"versionEndExcluding": "4.4",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "4ADC3CFF-7415-46A5-817A-2F053B261E8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user."
},
{
"lang": "es",
"value": "VMware ESXi contiene una vulnerabilidad de acceso no autorizado debido a que VMX presenta acceso a los tickets de autorizaci\u00f3n de settingsd. Un actor malicioso con privilegios s\u00f3lo dentro del proceso VMX, puede ser capaz de acceder al servicio settingsd que es ejecutado como un usuario con altos privilegios"
}
],
"id": "CVE-2021-22042",
"lastModified": "2024-11-21T05:49:29.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-16T17:15:10.537",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-12 21:15
Modified
2025-01-27 18:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_operations | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_operations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CE1B0DC-3368-4158-8DC1-E793E11D8116",
"versionEndExcluding": "8.12.0",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF004A8-90A0-4804-97DA-C2C2005A54AA",
"versionEndIncluding": "4.5",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to \u0027root\u0027."
}
],
"id": "CVE-2023-20880",
"lastModified": "2025-01-27T18:15:32.653",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-12T21:15:09.173",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-13 16:15
Modified
2025-04-22 16:15
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | 3.0 | |
| vmware | cloud_foundation | 3.0.1 | |
| vmware | cloud_foundation | 3.0.1.1 | |
| vmware | cloud_foundation | 3.5 | |
| vmware | cloud_foundation | 3.5.1 | |
| vmware | cloud_foundation | 3.7 | |
| vmware | cloud_foundation | 3.7.1 | |
| vmware | cloud_foundation | 3.7.2 | |
| vmware | cloud_foundation | 3.8 | |
| vmware | cloud_foundation | 3.8.1 | |
| vmware | cloud_foundation | 3.9 | |
| vmware | cloud_foundation | 3.9.1 | |
| vmware | cloud_foundation | 3.10 | |
| vmware | cloud_foundation | 3.10.1 | |
| vmware | cloud_foundation | 3.10.1.1 | |
| vmware | cloud_foundation | 3.10.1.2 | |
| vmware | cloud_foundation | 3.10.2.1 | |
| vmware | cloud_foundation | 3.10.2.2 | |
| vmware | cloud_foundation | 3.11 | |
| vmware | cloud_foundation | 4.0 | |
| vmware | cloud_foundation | 4.0.1 | |
| vmware | cloud_foundation | 4.1 | |
| vmware | cloud_foundation | 4.1.0.1 | |
| vmware | cloud_foundation | 4.2 | |
| vmware | cloud_foundation | 4.2.1 | |
| vmware | cloud_foundation | 4.3 | |
| vmware | cloud_foundation | 4.3.1 | |
| vmware | cloud_foundation | 4.4 | |
| vmware | cloud_foundation | 4.4.1 | |
| vmware | cloud_foundation | 4.4.1.1 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B4EACDFF-B042-4AC9-A87E-D8F27F7BBDAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36847AD6-88CC-4228-AB4E-5161B381267C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC3C214-DEFC-48D9-8728-31F19095375E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF5CF56-8DE1-42F5-9EC1-E5666DD7FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36668618-33C3-460A-879B-A9741405C9D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8266FD66-3BB6-4720-9D9F-06EFB38FA4B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D4C25D3-BC49-4727-B7A2-28C0F2E647EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E9AB6FF-D508-42FF-8FB9-24B96AE2F03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "328785AE-390C-4CA2-9771-4A26387E4E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298B797F-C3B6-445C-AADB-8633B446F10F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F97BA12F-A60D-4398-9CA8-DE2F7BACBA8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E19009EB-02D3-424A-947D-7B66EFCCE422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "89656A51-0840-4A27-B05B-7E54B0CF0521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11C27637-44C5-4678-AF19-82E6CB9B15E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D26128AF-864F-403E-A491-437FEC0BE1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A8D11F7-A6C1-4E9A-A288-B90B90B0CAB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2DDABB-1590-4AE7-B96D-BB7FB209582D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6A79A33F-A1FF-438F-BC77-94ACC45F5488",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "42DF0955-2FDD-46BF-9932-AF2C8F8A7599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0:-:*:*:*:*:*:*",
"matchCriteriaId": "8A04025A-3891-48BB-9C4C-EC6D03E3037C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A54544F5-5929-4609-A91C-FCA0FDBFE862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA6D6348-E71A-4DA4-AC84-51397B2461A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8EC0B43-8667-45D6-BF97-03DDFFAD2AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E841E8EF-9500-4937-BAC4-8AB76C96A3EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4C5700-1AFE-49F6-AC92-09F2349345ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B23891F3-08B7-480B-9B83-81381E33212F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC07793-6DB1-4ACD-976D-A370FFAE505A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B0AA0D-0BE2-40C5-A432-F607EF66829C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C767B9C-CDAC-4651-B696-589726CDD5C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E216CBB-8C99-46AA-B195-E16393354D14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C565246C-896C-4E48-8C24-344C9B0A3057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202007001:*:*:*:*:*:*",
"matchCriteriaId": "8479F377-4F47-433D-867D-A94A4B0E46EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202010001:*:*:*:*:*:*",
"matchCriteriaId": "ECC2468D-6B23-4C7E-951B-DDA8DD17B51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011001:*:*:*:*:*:*",
"matchCriteriaId": "2CB7210B-C9FC-41FA-A258-1F6EC737E9BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011002:*:*:*:*:*:*",
"matchCriteriaId": "3279299C-37AD-47DF-B22A-20562D13AD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102001:*:*:*:*:*:*",
"matchCriteriaId": "91032EB0-AC08-459A-8D78-C7412AE64E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102002:*:*:*:*:*:*",
"matchCriteriaId": "7C5987AE-6E37-4470-A192-5E2F1C999F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102003:*:*:*:*:*:*",
"matchCriteriaId": "F603C437-FC49-4CCA-8A1A-3264CAE794B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202107401:*:*:*:*:*:*",
"matchCriteriaId": "BA34EFDD-DA04-415D-93B8-E5B35EF8A5F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202202001:*:*:*:*:*:*",
"matchCriteriaId": "BAB02C0E-619B-45F4-83FE-28E662FF6EA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202205001:*:*:*:*:*:*",
"matchCriteriaId": "B61AF0C6-B439-4132-AAB5-16125798E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202207001:*:*:*:*:*:*",
"matchCriteriaId": "B65A181F-12C4-49FE-A11C-830FE15B13FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201-ug:*:*:*:*:*:*",
"matchCriteriaId": "7264CDC9-FB2D-45A9-9307-C197B1052477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202-ug:*:*:*:*:*:*",
"matchCriteriaId": "D0538570-759A-441A-BC37-556642C090F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203-ug:*:*:*:*:*:*",
"matchCriteriaId": "9CF906E5-A846-49BA-925B-C6059FD02BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204-ug:*:*:*:*:*:*",
"matchCriteriaId": "7D3D0230-53D4-469F-AD46-74F057F6F9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205-ug:*:*:*:*:*:*",
"matchCriteriaId": "8D8E89CE-C919-4CDF-98BE-BA9A126B36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206-ug:*:*:*:*:*:*",
"matchCriteriaId": "73DA1453-4756-4C16-9640-B3B0C6F617DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207-ug:*:*:*:*:*:*",
"matchCriteriaId": "589EE886-6927-4AEA-903C-155C23B1747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BDDFA27-0D99-4D98-B00F-5D038488BAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209-ug:*:*:*:*:*:*",
"matchCriteriaId": "3F931502-8460-4373-92D7-CFD817F4A062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210-ug:*:*:*:*:*:*",
"matchCriteriaId": "287D4E48-4890-46C2-8B9B-1CE484C9D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211-ug:*:*:*:*:*:*",
"matchCriteriaId": "A916EB29-ADE4-4D65-BF8E-98B44E466AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212-ug:*:*:*:*:*:*",
"matchCriteriaId": "BC024B88-DEDD-49E5-B668-5B00C212B6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213-ug:*:*:*:*:*:*",
"matchCriteriaId": "DB9F131B-46BE-44F8-904B-FD0839926B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214-ug:*:*:*:*:*:*",
"matchCriteriaId": "BA2195E5-3BAD-4E90-BE40-A59C0A6A9EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215-ug:*:*:*:*:*:*",
"matchCriteriaId": "1503D3D9-E1A7-41F9-B26D-0AED8ABE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216-ug:*:*:*:*:*:*",
"matchCriteriaId": "7BD28EE0-808D-4A76-B707-F163527608C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217-ug:*:*:*:*:*:*",
"matchCriteriaId": "79225541-575F-44FC-8ED6-24BA6A4128EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218-ug:*:*:*:*:*:*",
"matchCriteriaId": "8A4A62CD-A46B-4612-9DC8-7744E6D5EA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219-ug:*:*:*:*:*:*",
"matchCriteriaId": "D526CE1D-ED76-44EB-9377-53EF7556E254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220-ug:*:*:*:*:*:*",
"matchCriteriaId": "D7E92A1C-40EB-441B-A634-42609527210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221-ug:*:*:*:*:*:*",
"matchCriteriaId": "111A10BE-FC5A-4272-9719-1DED62694A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222-ug:*:*:*:*:*:*",
"matchCriteriaId": "FC65FCFC-CD55-401A-8986-A1DBF544D228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223-ug:*:*:*:*:*:*",
"matchCriteriaId": "EEBD3AEC-284C-44E1-A4CD-010787114737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224-ug:*:*:*:*:*:*",
"matchCriteriaId": "42F87C20-5A00-43C9-A445-50AD716233D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225-ug:*:*:*:*:*:*",
"matchCriteriaId": "C1412AFC-CBE8-4151-B01D-785F11ACAB85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226-ug:*:*:*:*:*:*",
"matchCriteriaId": "6431DD1F-2269-4AFB-B486-9B6373F41C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BA5D0CB-E5B0-4C95-91A7-C662BAE01483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228-ug:*:*:*:*:*:*",
"matchCriteriaId": "A86BDAB4-3924-45A8-9130-517DEA184FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229-ug:*:*:*:*:*:*",
"matchCriteriaId": "A6EAE07B-2849-4E3B-B8D0-F68E6440A9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201911001:*:*:*:*:*:*",
"matchCriteriaId": "2130E67D-7F2A-4D82-BEFD-BA42B6B6FDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*",
"matchCriteriaId": "497F58A2-0A2C-4A59-A73B-31C956EF3CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202010001:*:*:*:*:*:*",
"matchCriteriaId": "18E8632C-E442-4F18-BFE2-96AE5C839F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011001:*:*:*:*:*:*",
"matchCriteriaId": "13D69B99-CB36-45DD-9FD9-C58186998200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011002:*:*:*:*:*:*",
"matchCriteriaId": "EF0BC157-1834-46D8-9BF9-0CE9648C7D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202102001:*:*:*:*:*:*",
"matchCriteriaId": "728136B6-47A7-42BC-9464-7745E4F2B4FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202103001:*:*:*:*:*:*",
"matchCriteriaId": "3967967A-E0A5-45B3-999C-D749A9B0C791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202111001:*:*:*:*:*:*",
"matchCriteriaId": "8220EA95-39E0-46FA-98B2-5C793E3CE1CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202201001:*:*:*:*:*:*",
"matchCriteriaId": "E0CB425E-5551-4E9F-A4FD-6F36A25498CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202206001:*:*:*:*:*:*",
"matchCriteriaId": "3FBE46D6-279C-42B1-8555-48F415469852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202207001:*:*:*:*:*:*",
"matchCriteriaId": "525A7859-4B5C-430F-85C3-A0BCBD4346D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1e:*:*:*:*:*:*",
"matchCriteriaId": "2E6DE184-35C8-4A13-91D4-4B43E9F0168C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:*",
"matchCriteriaId": "39817170-5C45-4F8A-916D-81B7352055DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
"matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*",
"matchCriteriaId": "C77771B2-BC64-47A5-B6DB-9CBCC4456B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3f:*:*:*:*:*:*",
"matchCriteriaId": "86DE9CE6-F6C0-47D2-B3AB-34852A8B9603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3g:*:*:*:*:*:*",
"matchCriteriaId": "E75B2F03-702E-4359-9BB2-E234F1DC38C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure."
},
{
"lang": "es",
"value": "VMware ESXi contiene una vulnerabilidad de desbordamiento del heap. Un actor local malicioso con privilegios restringidos dentro de un proceso de espacio aislado puede aprovechar este problema para lograr una divulgaci\u00f3n parcial de informaci\u00f3n."
}
],
"id": "CVE-2022-31699",
"lastModified": "2025-04-22T16:15:29.720",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-12-13T16:15:19.903",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-24 17:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-after-free vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory | |
| security@vmware.com | https://www.zerodayinitiative.com/advisories/ZDI-20-785/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-20-785/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | fusion | * | |
| vmware | workstation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F22BFA96-7E07-4E05-90A4-45A2F2FC2064",
"versionEndExcluding": "3.10",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02A5A8AC-4C6C-4E95-B730-00783FB79DFF",
"versionEndExcluding": "4.0.1",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD44672-26F4-4B0F-933E-C929B32E3C9E",
"versionEndExcluding": "11.5.5",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEDE60F7-0DD8-43BD-9780-40058AFDB073",
"versionEndExcluding": "15.5.5",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "70F4DA98-C1D3-489E-958C-B466BEAD772B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-after-free vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine."
},
{
"lang": "es",
"value": "VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.0-1.20.16321839, versiones 6.7 anteriores a ESXi670-202004101-SG y versiones 6.5 anteriores a ESXi650-202005401-SG), Workstation (versiones 15.x anteriores a 15.5.5) y Fusion (versiones 11.x anteriores a 11.5. 5), contienen una vulnerabilidad de uso de la memoria previamente liberada en el dispositivo SVGA. Un actor malicioso con acceso local a una m\u00e1quina virtual con gr\u00e1ficos 3D habilitados puede ser capaz de explotar esta vulnerabilidad para ejecutar c\u00f3digo en el hipervisor desde una m\u00e1quina virtual"
}
],
"id": "CVE-2020-3962",
"lastModified": "2024-11-21T05:32:03.983",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-24T17:15:12.477",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-785/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-785/"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 12:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosure.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosure."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de tipo SSRF (Server Side Request Forgery) debido a una comprobaci\u00f3n inapropiada de las URL en la biblioteca de contenidos del servidor vCenter. Un usuario autorizado con acceso a la biblioteca de contenidos puede explotar este problema mediante el env\u00edo de una petici\u00f3n POST a vCenter Server conllevando a una divulgaci\u00f3n de informaci\u00f3n"
}
],
"id": "CVE-2021-21993",
"lastModified": "2024-11-21T05:49:24.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T12:15:07.600",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 13:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. A malicious actor with network access to port 9087 on vCenter Server may exploit this issue to delete non critical files.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "11082ABB-41A7-4B04-A287-8489B50BEBC0",
"versionEndExcluding": "4.3.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. A malicious actor with network access to port 9087 on vCenter Server may exploit this issue to delete non critical files."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de eliminaci\u00f3n arbitraria de archivos en un complemento de VMware vSphere Life-cycle Manager. Un actor malicioso con acceso de red al puerto 9087 en vCenter Server puede explotar este problema para eliminar archivos no cr\u00edticos"
}
],
"id": "CVE-2021-22018",
"lastModified": "2024-11-21T05:49:26.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T13:15:08.257",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-26 12:15
Modified
2025-05-14 16:36
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_operations | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_operations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E1C524-50BF-4B3E-9385-935660A1CC14",
"versionEndExcluding": "8.18.2",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8A0BB4-A21B-4914-8F4B-37D300A4BBB9",
"versionEndIncluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains a stored cross-site scripting vulnerability.\u00a0A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations."
},
{
"lang": "es",
"value": "VMware Aria Operations contiene una vulnerabilidad de cross-site scripting almacenado. Un actor malintencionado con acceso de edici\u00f3n a las plantillas de correo electr\u00f3nico podr\u00eda inyectar una secuencia de comandos maliciosa que provoque cross-site scripting almacenado en el producto VMware Aria Operations."
}
],
"id": "CVE-2024-38833",
"lastModified": "2025-05-14T16:36:49.860",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 4.7,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-11-26T12:15:18.800",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25199"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-06-04 20:15
Modified
2025-07-14 17:22
Severity ?
Summary
VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper input validation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | vmware_nsx | * | |
| broadcom | vmware_nsx | * | |
| broadcom | vmware_nsx | 4.2.2 | |
| vmware | cloud_foundation | * | |
| vmware | telco_cloud_infrastructure | * | |
| vmware | telco_cloud_platform | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:vmware_nsx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA802D68-9739-4EF6-8A2A-841E5A30B747",
"versionEndExcluding": "4.1.2.6",
"versionStartIncluding": "3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:vmware_nsx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA245FB-84B8-4B53-8697-029435CD793E",
"versionEndExcluding": "4.2.1.4",
"versionStartIncluding": "4.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:vmware_nsx:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3E4DA6-50BF-402E-AC32-29FB702C23DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2A1D50-E58C-4FB4-821E-CB17B4D6170C",
"versionEndIncluding": "5.2.1.2",
"versionStartIncluding": "4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "904AA81A-D1C3-4DAF-BB2C-C51FEDF5B3F6",
"versionEndIncluding": "3.0",
"versionStartIncluding": "2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E78094-639D-47D6-998B-4EB111E45D18",
"versionEndIncluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper input validation."
},
{
"lang": "es",
"value": "La interfaz de usuario de VMware NSX Manager es vulnerable a un ataque de Cross-Site Scripting (XSS) almacenado debido a una validaci\u00f3n de entrada incorrecta."
}
],
"id": "CVE-2025-22243",
"lastModified": "2025-07-14T17:22:34.970",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 5.3,
"source": "security@vmware.com",
"type": "Secondary"
}
]
},
"published": "2025-06-04T20:15:22.120",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25738"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-31 22:15
Modified
2024-11-21 05:49
Severity ?
Summary
VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header. A malicious actor with network access to port 443 could tamper with host headers to facilitate access to the /cfg web app, in addition a malicious actor could access /cfg diagnostic endpoints without authentication.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0016.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0016.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | identity_manager | 3.3.2 | |
| vmware | identity_manager | 3.3.3 | |
| vmware | identity_manager | 3.3.4 | |
| vmware | identity_manager | 3.3.5 | |
| vmware | workspace_one_access | 20.01 | |
| vmware | workspace_one_access | 20.10 | |
| vmware | workspace_one_access | 20.10.01 | |
| linux | linux_kernel | - | |
| vmware | cloud_foundation | 4.0 | |
| vmware | cloud_foundation | 4.0.1 | |
| vmware | cloud_foundation | 4.1 | |
| vmware | cloud_foundation | 4.1.0.1 | |
| vmware | cloud_foundation | 4.2.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.0 | |
| vmware | vrealize_suite_lifecycle_manager | 8.0.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22BC2D96-5922-4995-B006-1BAB5FE51D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97D98937-489B-4AA5-B99E-9AB639C582CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0E93CB5E-CB4A-474A-9901-2E098928C489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A215A7D-F644-41DE-AB4E-69145DA48F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.01:*:*:*:*:*:*:*",
"matchCriteriaId": "FFFD453B-7658-4FDA-BA4D-B13681F51724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC57F3A-E726-4EE5-924D-9C94FED4718D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2F7CB4-8425-4D9F-97FC-AD96D9ABC202",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38EB0C0C-56CF-4A8F-A36F-E0E180B9059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A54544F5-5929-4609-A91C-FCA0FDBFE862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA6D6348-E71A-4DA4-AC84-51397B2461A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8EC0B43-8667-45D6-BF97-03DDFFAD2AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4C5700-1AFE-49F6-AC92-09F2349345ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3318D91-40AC-4649-8FCD-4557C8F934B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A06C29AB-1EAF-43EF-96C3-9E3468911B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43723EC2-295E-4AF7-B654-70F9E42F4807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB84C30-EE5D-4C15-A74E-7B2B3E0DED4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header. A malicious actor with network access to port 443 could tamper with host headers to facilitate access to the /cfg web app, in addition a malicious actor could access /cfg diagnostic endpoints without authentication."
},
{
"lang": "es",
"value": "VMware Workspace ONE Access y Identity Manager, permiten el acceso a la aplicaci\u00f3n web /cfg y a los endpoints de diagn\u00f3stico, en el puerto 8443, por medio del puerto 443 usando un encabezado de host personalizado. Un actor malicioso con acceso de red al puerto 443 podr\u00eda manipular los encabezados de host para facilitar el acceso a la aplicaci\u00f3n web /cfg, adem\u00e1s, un actor malicioso podr\u00eda acceder a los endpoints de diagn\u00f3stico /cfg sin autenticaci\u00f3n"
}
],
"id": "CVE-2021-22002",
"lastModified": "2024-11-21T05:49:25.223",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-31T22:15:08.320",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0016.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-22 19:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. A malicious actor with non-administrative user access to the vCenter Server vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash) may exploit this issue to create a denial-of-service condition on the vCenter Server host.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "127DEE95-0B04-4A98-B96A-15CC253C7357",
"versionEndExcluding": "3.10.2.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "722CF000-C0A1-4704-BDC6-3446D1530F3B",
"versionEndExcluding": "4.3",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*",
"matchCriteriaId": "CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*",
"matchCriteriaId": "1DD16169-A7DF-4604-888C-156A60018E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*",
"matchCriteriaId": "46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*",
"matchCriteriaId": "D26534EB-327B-4ED6-A3E1-005552CB1F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*",
"matchCriteriaId": "786CDD50-7E18-4437-8DB9-2D0ADECD436E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*",
"matchCriteriaId": "B2CE8DAE-0E78-4004-983D-1ECD8855EC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*",
"matchCriteriaId": "7E51F433-1152-4E94-AF77-970230B1A574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1b:*:*:*:*:*:*",
"matchCriteriaId": "0064D104-E0D8-481A-9029-D3726A1A9CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1c:*:*:*:*:*:*",
"matchCriteriaId": "9B4D3F61-6CD9-411F-A205-EB06A57EBB4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*",
"matchCriteriaId": "F72A1E9C-F960-4E8C-A46C-B38209E6349E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*",
"matchCriteriaId": "2C33CE46-F529-4EA9-9344-6ED3BFA7019D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*",
"matchCriteriaId": "9F1D8161-0E02-45C9-BF61-14799AB65E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "1F2CB1FF-6118-4875-945D-07BAA3A21FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*",
"matchCriteriaId": "1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*",
"matchCriteriaId": "BDDC6510-3116-4578-80C8-8EF044A8370A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*",
"matchCriteriaId": "8678DB48-CB98-4E4C-ADE6-CABA73265FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*",
"matchCriteriaId": "DBD9A341-1FBF-4E04-848B-550DEB27261A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "4955663C-1BB6-4F3E-9D4B-362DF144B7F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*",
"matchCriteriaId": "CE0F8453-3D6C-4F1C-9167-3F02E3D905DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*",
"matchCriteriaId": "0EAD4045-A7F9-464F-ABB9-3782941162CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*",
"matchCriteriaId": "2F0A79C2-33AE-40C5-A853-770A4C691F29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3n:*:*:*:*:*:*",
"matchCriteriaId": "D8BB6CBC-11D6-40A4-ABAF-53AB9BED5A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3p:*:*:*:*:*:*",
"matchCriteriaId": "26A3EC15-8C04-49AD-9045-4D9FADBD50CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*",
"matchCriteriaId": "5241C282-A02B-44B2-B6CA-BA3A99F9737C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*",
"matchCriteriaId": "04A60AC7-C2EA-4DBF-9743-54D708584AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*",
"matchCriteriaId": "8A91B0C4-F184-459E-AFD3-DE0E351CC964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*",
"matchCriteriaId": "23253631-2655-48A8-9B00-CB984232329C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*",
"matchCriteriaId": "50C2A9A8-0E66-4702-BCD4-74622108E7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*",
"matchCriteriaId": "EE4D3E2A-C32D-408F-B811-EF8BC86F0D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*",
"matchCriteriaId": "31CA7802-D78D-4BAD-A45A-68B601C010C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*",
"matchCriteriaId": "3B98981B-4721-4752-BAB4-361DB5AEB86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*",
"matchCriteriaId": "04487105-980A-4943-9360-4442BF0411E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*",
"matchCriteriaId": "24D24E06-EB3F-4F11-849B-E66757B01466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*",
"matchCriteriaId": "8AF12716-88E2-44B5-ACD7-BCBECA130FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*",
"matchCriteriaId": "3352212C-E820-47B3-BDF5-57018F5B9E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*",
"matchCriteriaId": "6436ADFD-6B94-4D2A-B09B-CED4EC6CA276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*",
"matchCriteriaId": "D06832CE-F946-469D-B495-6735F18D02A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3l:*:*:*:*:*:*",
"matchCriteriaId": "726AC46D-9EA8-4FE8-94B8-0562935458F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3m:*:*:*:*:*:*",
"matchCriteriaId": "0243D22F-1591-4A95-A7FE-2658CEE0C08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3n:*:*:*:*:*:*",
"matchCriteriaId": "02AE5983-CD14-4EAF-9F5C-1281E3DE7F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. A malicious actor with non-administrative user access to the vCenter Server vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash) may exploit this issue to create a denial-of-service condition on the vCenter Server host."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de denegaci\u00f3n de servicio debido al an\u00e1lisis incorrecto de entidades XML. Un actor malicioso con acceso de usuario no administrativo al vCenter Server vSphere Client (HTML5) o al vCenter Server vSphere Web Client (FLEX/Flash) puede explotar este problema para crear una condici\u00f3n de denegaci\u00f3n de servicio en el host de vCenter Server"
}
],
"id": "CVE-2021-21992",
"lastModified": "2024-11-21T05:49:23.987",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-22T19:15:09.733",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-29 18:15
Modified
2025-02-10 19:01
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0009.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0009.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 |
{
"cisaActionDue": "2024-08-07",
"cisaExploitAdd": "2024-07-17",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "VMware vCenter Server Incorrect Default File Permissions Vulnerability ",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28769D3C-0C46-4E6B-A8E2-75A7B64B1D47",
"versionEndExcluding": "3.11",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73F75D28-E505-4DA6-9E0F-7B38A19CC64C",
"versionEndExcluding": "4.4.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*",
"matchCriteriaId": "CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*",
"matchCriteriaId": "1DD16169-A7DF-4604-888C-156A60018E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*",
"matchCriteriaId": "46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*",
"matchCriteriaId": "D26534EB-327B-4ED6-A3E1-005552CB1F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*",
"matchCriteriaId": "786CDD50-7E18-4437-8DB9-2D0ADECD436E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*",
"matchCriteriaId": "B2CE8DAE-0E78-4004-983D-1ECD8855EC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*",
"matchCriteriaId": "7E51F433-1152-4E94-AF77-970230B1A574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1b:*:*:*:*:*:*",
"matchCriteriaId": "0064D104-E0D8-481A-9029-D3726A1A9CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1c:*:*:*:*:*:*",
"matchCriteriaId": "9B4D3F61-6CD9-411F-A205-EB06A57EBB4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*",
"matchCriteriaId": "F72A1E9C-F960-4E8C-A46C-B38209E6349E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*",
"matchCriteriaId": "2C33CE46-F529-4EA9-9344-6ED3BFA7019D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*",
"matchCriteriaId": "9F1D8161-0E02-45C9-BF61-14799AB65E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "1F2CB1FF-6118-4875-945D-07BAA3A21FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*",
"matchCriteriaId": "1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*",
"matchCriteriaId": "BDDC6510-3116-4578-80C8-8EF044A8370A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*",
"matchCriteriaId": "8678DB48-CB98-4E4C-ADE6-CABA73265FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*",
"matchCriteriaId": "DBD9A341-1FBF-4E04-848B-550DEB27261A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "4955663C-1BB6-4F3E-9D4B-362DF144B7F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*",
"matchCriteriaId": "CE0F8453-3D6C-4F1C-9167-3F02E3D905DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*",
"matchCriteriaId": "0EAD4045-A7F9-464F-ABB9-3782941162CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*",
"matchCriteriaId": "2F0A79C2-33AE-40C5-A853-770A4C691F29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3n:*:*:*:*:*:*",
"matchCriteriaId": "D8BB6CBC-11D6-40A4-ABAF-53AB9BED5A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3p:*:*:*:*:*:*",
"matchCriteriaId": "26A3EC15-8C04-49AD-9045-4D9FADBD50CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3q:*:*:*:*:*:*",
"matchCriteriaId": "AF7E87BB-1B5B-4F13-A70C-B3C6716E7919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*",
"matchCriteriaId": "5241C282-A02B-44B2-B6CA-BA3A99F9737C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*",
"matchCriteriaId": "04A60AC7-C2EA-4DBF-9743-54D708584AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*",
"matchCriteriaId": "8A91B0C4-F184-459E-AFD3-DE0E351CC964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*",
"matchCriteriaId": "23253631-2655-48A8-9B00-CB984232329C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*",
"matchCriteriaId": "50C2A9A8-0E66-4702-BCD4-74622108E7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*",
"matchCriteriaId": "EE4D3E2A-C32D-408F-B811-EF8BC86F0D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*",
"matchCriteriaId": "31CA7802-D78D-4BAD-A45A-68B601C010C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*",
"matchCriteriaId": "3B98981B-4721-4752-BAB4-361DB5AEB86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*",
"matchCriteriaId": "04487105-980A-4943-9360-4442BF0411E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*",
"matchCriteriaId": "24D24E06-EB3F-4F11-849B-E66757B01466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*",
"matchCriteriaId": "8AF12716-88E2-44B5-ACD7-BCBECA130FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*",
"matchCriteriaId": "3352212C-E820-47B3-BDF5-57018F5B9E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*",
"matchCriteriaId": "6436ADFD-6B94-4D2A-B09B-CED4EC6CA276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*",
"matchCriteriaId": "D06832CE-F946-469D-B495-6735F18D02A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3l:*:*:*:*:*:*",
"matchCriteriaId": "726AC46D-9EA8-4FE8-94B8-0562935458F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3m:*:*:*:*:*:*",
"matchCriteriaId": "0243D22F-1591-4A95-A7FE-2658CEE0C08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3n:*:*:*:*:*:*",
"matchCriteriaId": "02AE5983-CD14-4EAF-9F5C-1281E3DE7F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3o:*:*:*:*:*:*",
"matchCriteriaId": "EFDDF4CA-1C20-430E-A17C-CC2998F8BDDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "188E103E-9568-4CE0-A984-141B2A9E82D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*",
"matchCriteriaId": "B266439F-E911-4C95-9D27-88DF96DDCCD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "6508A908-EF14-4A72-AC75-5DA6F8B98A0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*",
"matchCriteriaId": "3BAD2012-5C82-4EA9-A780-9BF1DA5A18AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*",
"matchCriteriaId": "58597F18-0B23-4D21-9ABA-D9773958F10E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n debido a un permiso inapropiado de los archivos. Un actor malicioso con acceso no administrativo al vCenter Server puede explotar este problema para conseguir acceso a informaci\u00f3n confidencial"
}
],
"id": "CVE-2022-22948",
"lastModified": "2025-02-10T19:01:58.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-03-29T18:15:08.040",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0009.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-25 15:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a heap-overflow vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory | |
| security@vmware.com | https://www.zerodayinitiative.com/advisories/ZDI-20-784/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-20-784/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | fusion | * | |
| vmware | workstation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F22BFA96-7E07-4E05-90A4-45A2F2FC2064",
"versionEndExcluding": "3.10",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02A5A8AC-4C6C-4E95-B730-00783FB79DFF",
"versionEndExcluding": "4.0.1",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD44672-26F4-4B0F-933E-C929B32E3C9E",
"versionEndExcluding": "11.5.5",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEDE60F7-0DD8-43BD-9780-40058AFDB073",
"versionEndExcluding": "15.5.5",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "70F4DA98-C1D3-489E-958C-B466BEAD772B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a heap-overflow vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker\u0027s control must be present for exploitation to be possible."
},
{
"lang": "es",
"value": "VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.0-1.20.16321839, versiones 6.7 anteriores a ESXi670-202004101-SG y versiones 6.5 anteriores a ESXi650-202005401-SG), Workstation (versiones 15.x anteriores a 15.5.5) y Fusion (versiones 11.x anteriores a 11.5. 5), contienen una vulnerabilidad de desbordamiento de la pila en el controlador USB 2.0 (EHCI). Un actor malicioso con acceso local a una m\u00e1quina virtual puede ser capaz de explotar esta vulnerabilidad para ejecutar c\u00f3digo en el hipervisor desde una m\u00e1quina virtual. Unas condiciones adicionales m\u00e1s all\u00e1 del control del atacante deben estar presentes para que la explotaci\u00f3n pueda ser posible"
}
],
"id": "CVE-2020-3967",
"lastModified": "2024-11-21T05:32:04.733",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-25T15:15:11.320",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-784/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-784/"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-05 18:15
Modified
2025-05-07 15:37
Severity ?
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Summary
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | workstation | * | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | fusion | * | |
| apple | macos | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D725D84-6426-459F-9B49-ADE7A13FA19A",
"versionEndIncluding": "5.0",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BFB423-5C6D-40F3-960A-53D9955E7621",
"versionEndExcluding": "17.5.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1e:*:*:*:*:*:*",
"matchCriteriaId": "2E6DE184-35C8-4A13-91D4-4B43E9F0168C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:*",
"matchCriteriaId": "39817170-5C45-4F8A-916D-81B7352055DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "4ADC3CFF-7415-46A5-817A-2F053B261E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
"matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*",
"matchCriteriaId": "C77771B2-BC64-47A5-B6DB-9CBCC4456B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3f:*:*:*:*:*:*",
"matchCriteriaId": "86DE9CE6-F6C0-47D2-B3AB-34852A8B9603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3g:*:*:*:*:*:*",
"matchCriteriaId": "E75B2F03-702E-4359-9BB2-E234F1DC38C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3i:*:*:*:*:*:*",
"matchCriteriaId": "ACAA9494-5248-4B01-8BC1-C38AB615FFD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3j:*:*:*:*:*:*",
"matchCriteriaId": "BF12014B-BF2B-42EF-B70C-59CDA8E2176F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3k:*:*:*:*:*:*",
"matchCriteriaId": "F965D853-EE4A-41F5-840B-2D009ACC9754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3l:*:*:*:*:*:*",
"matchCriteriaId": "BA7B7313-FF53-43C9-AF4D-B639053D3FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3m:*:*:*:*:*:*",
"matchCriteriaId": "9FB5738F-27E4-42C6-BD1B-F7F66A7EF0A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3n:*:*:*:*:*:*",
"matchCriteriaId": "FC3668A6-262B-42BF-9E90-28BAA9BB3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3o:*:*:*:*:*:*",
"matchCriteriaId": "DA4E9185-44BA-41E6-8600-C8616E199334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:b:*:*:*:*:*:*",
"matchCriteriaId": "BC6F088D-0404-4588-9788-7A5903C5BC82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "7A1A402A-9262-4B97-A0B7-E5AE045E394D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "FE44B379-9943-4DD1-8514-26F87482AFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "2A797377-8945-4D75-AA68-A768855E5842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "79D84D76-54BE-49E9-905C-7D65B4B42D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2F8767F7-7C3D-457D-9EAC-E8A30796F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "29AF8474-2D7A-4C5A-82B9-7A873AD90C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "7781A2CA-D927-48CD-9932-AE42B7BA1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "360C1B71-5360-4379-B0DE-63BB8F5E6DA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50649AB8-57FD-4210-A7F4-3AD7D00F6A91",
"versionEndExcluding": "13.5.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller.\u00a0A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.\u00a0\u00a0\n\n\n\n\n\n\n\n\n\n\n\n"
},
{
"lang": "es",
"value": "VMware ESXi, Workstation y Fusion contienen una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en el controlador USB UHCI. Un actor malintencionado con acceso administrativo a una m\u00e1quina virtual puede aprovechar este problema para perder memoria del proceso vmx."
}
],
"id": "CVE-2024-22255",
"lastModified": "2025-05-07T15:37:25.187",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 4.0,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 4.0,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-03-05T18:15:48.277",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-24 17:15
Modified
2024-11-21 05:49
Severity ?
Summary
OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/162957/VMware-ESXi-OpenSLP-Heap-Overflow.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0002.html | Vendor Advisory | |
| security@vmware.com | https://www.zerodayinitiative.com/advisories/ZDI-21-250/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/162957/VMware-ESXi-OpenSLP-Heap-Overflow.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0002.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-21-250/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0.0 | |
| vmware | esxi | 7.0.0 | |
| vmware | esxi | 7.0.0 | |
| vmware | esxi | 7.0.0 | |
| vmware | esxi | 7.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1995769A-1AB9-47FA-966A-8E82D414161E",
"versionEndExcluding": "3.10.1.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A608D809-6E65-4228-9207-CB470529C542",
"versionEndExcluding": "4.2",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:2:*:*:*:*:*:*",
"matchCriteriaId": "60405BAB-A6C6-4AD8-A5D2-EAD114FE931F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C565246C-896C-4E48-8C24-344C9B0A3057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202007001:*:*:*:*:*:*",
"matchCriteriaId": "8479F377-4F47-433D-867D-A94A4B0E46EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202010001:*:*:*:*:*:*",
"matchCriteriaId": "ECC2468D-6B23-4C7E-951B-DDA8DD17B51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011001:*:*:*:*:*:*",
"matchCriteriaId": "2CB7210B-C9FC-41FA-A258-1F6EC737E9BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011002:*:*:*:*:*:*",
"matchCriteriaId": "3279299C-37AD-47DF-B22A-20562D13AD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102001:*:*:*:*:*:*",
"matchCriteriaId": "91032EB0-AC08-459A-8D78-C7412AE64E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201-ug:*:*:*:*:*:*",
"matchCriteriaId": "7264CDC9-FB2D-45A9-9307-C197B1052477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202-ug:*:*:*:*:*:*",
"matchCriteriaId": "D0538570-759A-441A-BC37-556642C090F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203-ug:*:*:*:*:*:*",
"matchCriteriaId": "9CF906E5-A846-49BA-925B-C6059FD02BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204-ug:*:*:*:*:*:*",
"matchCriteriaId": "7D3D0230-53D4-469F-AD46-74F057F6F9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205-ug:*:*:*:*:*:*",
"matchCriteriaId": "8D8E89CE-C919-4CDF-98BE-BA9A126B36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206-ug:*:*:*:*:*:*",
"matchCriteriaId": "73DA1453-4756-4C16-9640-B3B0C6F617DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207-ug:*:*:*:*:*:*",
"matchCriteriaId": "589EE886-6927-4AEA-903C-155C23B1747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BDDFA27-0D99-4D98-B00F-5D038488BAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209-ug:*:*:*:*:*:*",
"matchCriteriaId": "3F931502-8460-4373-92D7-CFD817F4A062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210-ug:*:*:*:*:*:*",
"matchCriteriaId": "287D4E48-4890-46C2-8B9B-1CE484C9D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211-ug:*:*:*:*:*:*",
"matchCriteriaId": "A916EB29-ADE4-4D65-BF8E-98B44E466AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212-ug:*:*:*:*:*:*",
"matchCriteriaId": "BC024B88-DEDD-49E5-B668-5B00C212B6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213-ug:*:*:*:*:*:*",
"matchCriteriaId": "DB9F131B-46BE-44F8-904B-FD0839926B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214-ug:*:*:*:*:*:*",
"matchCriteriaId": "BA2195E5-3BAD-4E90-BE40-A59C0A6A9EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215-ug:*:*:*:*:*:*",
"matchCriteriaId": "1503D3D9-E1A7-41F9-B26D-0AED8ABE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216-ug:*:*:*:*:*:*",
"matchCriteriaId": "7BD28EE0-808D-4A76-B707-F163527608C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217-ug:*:*:*:*:*:*",
"matchCriteriaId": "79225541-575F-44FC-8ED6-24BA6A4128EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218-ug:*:*:*:*:*:*",
"matchCriteriaId": "8A4A62CD-A46B-4612-9DC8-7744E6D5EA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219-ug:*:*:*:*:*:*",
"matchCriteriaId": "D526CE1D-ED76-44EB-9377-53EF7556E254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220-ug:*:*:*:*:*:*",
"matchCriteriaId": "D7E92A1C-40EB-441B-A634-42609527210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221-ug:*:*:*:*:*:*",
"matchCriteriaId": "111A10BE-FC5A-4272-9719-1DED62694A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222-ug:*:*:*:*:*:*",
"matchCriteriaId": "FC65FCFC-CD55-401A-8986-A1DBF544D228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223-ug:*:*:*:*:*:*",
"matchCriteriaId": "EEBD3AEC-284C-44E1-A4CD-010787114737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224-ug:*:*:*:*:*:*",
"matchCriteriaId": "42F87C20-5A00-43C9-A445-50AD716233D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225-ug:*:*:*:*:*:*",
"matchCriteriaId": "C1412AFC-CBE8-4151-B01D-785F11ACAB85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226-ug:*:*:*:*:*:*",
"matchCriteriaId": "6431DD1F-2269-4AFB-B486-9B6373F41C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BA5D0CB-E5B0-4C95-91A7-C662BAE01483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228-ug:*:*:*:*:*:*",
"matchCriteriaId": "A86BDAB4-3924-45A8-9130-517DEA184FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229-ug:*:*:*:*:*:*",
"matchCriteriaId": "A6EAE07B-2849-4E3B-B8D0-F68E6440A9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*",
"matchCriteriaId": "497F58A2-0A2C-4A59-A73B-31C956EF3CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202010001:*:*:*:*:*:*",
"matchCriteriaId": "18E8632C-E442-4F18-BFE2-96AE5C839F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011001:*:*:*:*:*:*",
"matchCriteriaId": "13D69B99-CB36-45DD-9FD9-C58186998200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011002:*:*:*:*:*:*",
"matchCriteriaId": "EF0BC157-1834-46D8-9BF9-0CE9648C7D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202102001:*:*:*:*:*:*",
"matchCriteriaId": "728136B6-47A7-42BC-9464-7745E4F2B4FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "70F4DA98-C1D3-489E-958C-B466BEAD772B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:b:*:*:*:*:*:*",
"matchCriteriaId": "BC6F088D-0404-4588-9788-7A5903C5BC82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "18371326-D0DD-4E7B-AF9E-5963C73FB5C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A785B3DD-929D-4F2F-829D-89F231EC2A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "CA82984F-607E-4A81-ACDC-8DED0D45F14F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution."
},
{
"lang": "es",
"value": "OpenSLP como es usado en ESXi (versiones 7.0 anteriores a ESXi70U1c-17325551, versiones 6.7 anteriores a ESXi670-202102401-SG, versiones 6.5 anteriores a ESXi650-202102101-SG), presenta una vulnerabilidad de desbordamiento de la pila.\u0026#xa0;Un actor malicioso que reside dentro del mismo segmento de red que ESXi y que presenta acceso al puerto 427 puede desencadenar el problema de desbordamiento de la pila en el servicio OpenSLP, resultando en una ejecuci\u00f3n de c\u00f3digo remota"
}
],
"id": "CVE-2021-21974",
"lastModified": "2024-11-21T05:49:21.173",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-02-24T17:15:16.017",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162957/VMware-ESXi-OpenSLP-Heap-Overflow.html"
},
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-250/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162957/VMware-ESXi-OpenSLP-Heap-Overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-250/"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-11-20 20:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0026.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0026.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | fusion | * | |
| apple | mac_os_x | - | |
| vmware | cloud_foundation | * | |
| vmware | workstation | * | |
| vmware | cloud_foundation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A6B06C7-49AA-4F09-B87F-A25D0202F5B1",
"versionEndExcluding": "11.5.7",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1995769A-1AB9-47FA-966A-8E82D414161E",
"versionEndExcluding": "3.10.1.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22C19FF0-3E38-4717-9044-092EF9C4C486",
"versionEndExcluding": "15.5.7",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBD2E65C-08C3-4116-9CAD-B0764EB025C8",
"versionEndExcluding": "4.1.0.1",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C565246C-896C-4E48-8C24-344C9B0A3057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202007001:*:*:*:*:*:*",
"matchCriteriaId": "8479F377-4F47-433D-867D-A94A4B0E46EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202010001:*:*:*:*:*:*",
"matchCriteriaId": "ECC2468D-6B23-4C7E-951B-DDA8DD17B51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011001:*:*:*:*:*:*",
"matchCriteriaId": "2CB7210B-C9FC-41FA-A258-1F6EC737E9BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011002:*:*:*:*:*:*",
"matchCriteriaId": "3279299C-37AD-47DF-B22A-20562D13AD80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201-ug:*:*:*:*:*:*",
"matchCriteriaId": "7264CDC9-FB2D-45A9-9307-C197B1052477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202-ug:*:*:*:*:*:*",
"matchCriteriaId": "D0538570-759A-441A-BC37-556642C090F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203-ug:*:*:*:*:*:*",
"matchCriteriaId": "9CF906E5-A846-49BA-925B-C6059FD02BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204-ug:*:*:*:*:*:*",
"matchCriteriaId": "7D3D0230-53D4-469F-AD46-74F057F6F9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205-ug:*:*:*:*:*:*",
"matchCriteriaId": "8D8E89CE-C919-4CDF-98BE-BA9A126B36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206-ug:*:*:*:*:*:*",
"matchCriteriaId": "73DA1453-4756-4C16-9640-B3B0C6F617DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207-ug:*:*:*:*:*:*",
"matchCriteriaId": "589EE886-6927-4AEA-903C-155C23B1747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BDDFA27-0D99-4D98-B00F-5D038488BAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209-ug:*:*:*:*:*:*",
"matchCriteriaId": "3F931502-8460-4373-92D7-CFD817F4A062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210-ug:*:*:*:*:*:*",
"matchCriteriaId": "287D4E48-4890-46C2-8B9B-1CE484C9D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211-ug:*:*:*:*:*:*",
"matchCriteriaId": "A916EB29-ADE4-4D65-BF8E-98B44E466AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212-ug:*:*:*:*:*:*",
"matchCriteriaId": "BC024B88-DEDD-49E5-B668-5B00C212B6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213-ug:*:*:*:*:*:*",
"matchCriteriaId": "DB9F131B-46BE-44F8-904B-FD0839926B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214-ug:*:*:*:*:*:*",
"matchCriteriaId": "BA2195E5-3BAD-4E90-BE40-A59C0A6A9EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215-ug:*:*:*:*:*:*",
"matchCriteriaId": "1503D3D9-E1A7-41F9-B26D-0AED8ABE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216-ug:*:*:*:*:*:*",
"matchCriteriaId": "7BD28EE0-808D-4A76-B707-F163527608C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217-ug:*:*:*:*:*:*",
"matchCriteriaId": "79225541-575F-44FC-8ED6-24BA6A4128EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218-ug:*:*:*:*:*:*",
"matchCriteriaId": "8A4A62CD-A46B-4612-9DC8-7744E6D5EA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219-ug:*:*:*:*:*:*",
"matchCriteriaId": "D526CE1D-ED76-44EB-9377-53EF7556E254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220-ug:*:*:*:*:*:*",
"matchCriteriaId": "D7E92A1C-40EB-441B-A634-42609527210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221-ug:*:*:*:*:*:*",
"matchCriteriaId": "111A10BE-FC5A-4272-9719-1DED62694A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222-ug:*:*:*:*:*:*",
"matchCriteriaId": "FC65FCFC-CD55-401A-8986-A1DBF544D228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223-ug:*:*:*:*:*:*",
"matchCriteriaId": "EEBD3AEC-284C-44E1-A4CD-010787114737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224-ug:*:*:*:*:*:*",
"matchCriteriaId": "42F87C20-5A00-43C9-A445-50AD716233D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225-ug:*:*:*:*:*:*",
"matchCriteriaId": "C1412AFC-CBE8-4151-B01D-785F11ACAB85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201911001:*:*:*:*:*:*",
"matchCriteriaId": "2130E67D-7F2A-4D82-BEFD-BA42B6B6FDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*",
"matchCriteriaId": "497F58A2-0A2C-4A59-A73B-31C956EF3CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202010001:*:*:*:*:*:*",
"matchCriteriaId": "18E8632C-E442-4F18-BFE2-96AE5C839F0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host."
},
{
"lang": "es",
"value": "VMware ESXi (versiones 7.0 anteriores a ESXi70U1b-17168206, versiones 6.7 anteriores a ESXi670-202011101-SG, versiones 6.5 anteriores a ESXi650-202011301-SG), Workstation (versiones 15.x anteriores a 15.5.7), Fusion (versiones 11.x anteriores a 11.5.7), contienen una vulnerabilidad de uso de la memoria previamente liberada en el controlador USB XHCI.\u0026#xa0;Un actor malicioso con privilegios administrativos locales en una m\u00e1quina virtual puede explotar este problema para ejecutar c\u00f3digo como el proceso VMX de la m\u00e1quina virtual que se ejecuta en el host"
}
],
"id": "CVE-2020-4004",
"lastModified": "2024-11-21T05:32:08.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-20T20:15:13.147",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0026.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-30 18:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read vulnerability. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can read any log file resulting in sensitive information disclosure.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0018.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0018.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | vrealize_operations_manager | * | |
| vmware | vrealize_operations_manager | 7.5.0 | |
| vmware | vrealize_suite_lifecycle_manager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE39D06C-8AF4-4978-BCFD-80FB0A36C93A",
"versionEndIncluding": "3.10.2.1",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6A3FA17-BA09-499D-BAC7-053B380DF443",
"versionEndIncluding": "4.2.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B12F2BE9-8DA7-4BF0-85C0-0B5D6C4532A8",
"versionEndExcluding": "8.5.0",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC6471F-2FB5-4C7A-9B5D-0B08A8E2C08C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4767C7D-8165-43A6-8F16-12F8EE65FDFB",
"versionEndIncluding": "8.2",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read vulnerability. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can read any log file resulting in sensitive information disclosure."
},
{
"lang": "es",
"value": "La API de vRealize Operations Manager (versiones 8.x anteriores a 8.5) contiene una vulnerabilidad de lectura arbitraria de archivos de registro. Un actor malicioso no autenticado con acceso a la red de la API de vRealize Operations Manager puede leer cualquier archivo de registro, resultando en una divulgaci\u00f3n de informaci\u00f3n confidencial."
}
],
"id": "CVE-2021-22024",
"lastModified": "2024-11-21T05:49:27.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-30T18:15:08.327",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-30 16:15
Modified
2025-05-14 16:47
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
VMware Aria Operations contains an information disclosure vulnerability. A malicious user with non-administrative privileges may exploit this vulnerability to retrieve credentials for an outbound plugin if a valid service credential ID is known.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_operations | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_operations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "444E44E3-23E1-4566-BD42-46B57DDC7DD3",
"versionEndExcluding": "8.18.3",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8A0BB4-A21B-4914-8F4B-37D300A4BBB9",
"versionEndIncluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains an information disclosure vulnerability.\u00a0A malicious user with non-administrative privileges\u00a0may exploit this vulnerability to retrieve credentials for an outbound plugin if a valid service credential ID is known."
},
{
"lang": "es",
"value": "VMware Aria Operations contiene una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n. Un usuario malintencionado con privilegios no administrativos puede aprovechar esta vulnerabilidad para recuperar las credenciales de un complemento saliente si se conoce una ID de credencial de servicio v\u00e1lida."
}
],
"id": "CVE-2025-22222",
"lastModified": "2025-05-14T16:47:55.030",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-30T16:15:31.367",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25329"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-497"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-13 16:15
Modified
2024-11-21 05:49
Severity ?
Summary
Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0021.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0021.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vrealize_operations | * | |
| vmware | vrealize_suite_lifecycle_manager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5068412-9124-4072-B63B-C4B7855C61F2",
"versionEndIncluding": "4.3.1",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BA605E3-5660-43DC-896D-889F54E06C74",
"versionEndExcluding": "8.6.0",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4767C7D-8165-43A6-8F16-12F8EE65FDFB",
"versionEndIncluding": "8.2",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability."
},
{
"lang": "es",
"value": "Las versiones anteriores a VMware vRealize Operations versi\u00f3n 8.6, contienen una vulnerabilidad de tipo Server Side Request Forgery (SSRF)"
}
],
"id": "CVE-2021-22033",
"lastModified": "2024-11-21T05:49:28.410",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-13T16:15:07.643",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0021.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-05-20 13:15
Modified
2025-06-12 16:22
Severity ?
Summary
VMware Cloud Foundation contains a missing authorisation vulnerability. A malicious actor with access to VMware Cloud Foundation appliance may be able to perform certain unauthorised actions and access limited sensitive information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8638B935-23B6-4588-A25C-E999783F622F",
"versionEndExcluding": "4.5.2",
"versionStartIncluding": "4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F176521-1515-496F-8D45-C699A89B662C",
"versionEndExcluding": "5.2.1.2",
"versionStartIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Cloud Foundation\u00a0contains a missing authorisation vulnerability.\u00a0A malicious actor with access to VMware Cloud Foundation appliance may be able to perform certain unauthorised actions and access limited sensitive information."
},
{
"lang": "es",
"value": "VMware Cloud Foundation presenta una vulnerabilidad de falta de autorizaci\u00f3n. Un agente malicioso con acceso al dispositivo VMware Cloud Foundation podr\u00eda realizar ciertas acciones no autorizadas y acceder a informaci\u00f3n confidencial limitada."
}
],
"id": "CVE-2025-41231",
"lastModified": "2025-06-12T16:22:47.783",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 4.7,
"source": "security@vmware.com",
"type": "Secondary"
}
]
},
"published": "2025-05-20T13:15:48.103",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25733"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-21 18:15
Modified
2025-06-27 13:37
Severity ?
Summary
The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6C5CFA-E78F-46EA-B8E0-8AE2A29C9586",
"versionEndExcluding": "5.1.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "188E103E-9568-4CE0-A984-141B2A9E82D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*",
"matchCriteriaId": "B266439F-E911-4C95-9D27-88DF96DDCCD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "6508A908-EF14-4A72-AC75-5DA6F8B98A0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*",
"matchCriteriaId": "3BAD2012-5C82-4EA9-A780-9BF1DA5A18AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*",
"matchCriteriaId": "58597F18-0B23-4D21-9ABA-D9773958F10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*",
"matchCriteriaId": "ADF46C54-313B-4742-A074-EEA0A6554680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*",
"matchCriteriaId": "9587F800-57BC-44B6-870E-95691684FC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:*",
"matchCriteriaId": "AD148A75-5076-416D-AFD6-0F281DA0A82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:*",
"matchCriteriaId": "956CEA8C-F8C4-41BD-85B4-44FE3A772E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:*",
"matchCriteriaId": "008AEA0F-116B-4AF8-B3A7-3041CCE25235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3i:*:*:*:*:*:*",
"matchCriteriaId": "EE486B2F-AED4-4FCE-A674-DFC25844FEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3j:*:*:*:*:*:*",
"matchCriteriaId": "4F73AA9E-51E9-4FA0-813D-AD05FDC3EF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3k:*:*:*:*:*:*",
"matchCriteriaId": "455DD46E-A071-476D-8914-767485E45F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3l:*:*:*:*:*:*",
"matchCriteriaId": "3A422D04-48DF-4A16-94F8-D5702CC2782D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3m:*:*:*:*:*:*",
"matchCriteriaId": "806E9219-CDF4-4E62-978E-334E96A94BA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3n:*:*:*:*:*:*",
"matchCriteriaId": "34D8B182-4E71-4655-8DD8-743A3EF6DC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3o:*:*:*:*:*:*",
"matchCriteriaId": "8D8F6CC7-6B6D-4079-9E2C-A85C4616FF92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3p:*:*:*:*:*:*",
"matchCriteriaId": "A814F0AB-4AEB-4139-976F-425A4A9EC67B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CC974CA1-88D3-42E4-BF1F-28870F8171B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "EFE63984-F69B-4593-9AEC-D179D6D98B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "34D1F3B3-8E3F-4E4D-8EE6-2F593663B5CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "16F3D992-9F48-4604-9AAF-DC2D1CE98BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "C745A7E6-4760-48CD-B7C4-1C2C20217F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "A5522514-8ED9-45DB-9036-33FE40D77E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1b:*:*:*:*:*:*",
"matchCriteriaId": "8C27C660-E917-4944-8B4C-41D9622B76D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "56CFB469-B3E6-4503-A47C-D18206D4D19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "67024A43-9E13-4F4E-B711-731792DA3840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1e:*:*:*:*:*:*",
"matchCriteriaId": "1188E9D6-53AD-40D0-8146-3728D071008D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "604F559F-1775-4F29-996E-9079B99345B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "61DC9400-5AEE-49AC-9925-0A96E32BD8C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an authenticated remote code execution vulnerability.\u00a0A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system."
},
{
"lang": "es",
"value": " vCenter Server contiene una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo autenticado. Un actor malintencionado con privilegios administrativos en el shell del dispositivo vCenter puede aprovechar este problema para ejecutar comandos arbitrarios en el sistema operativo subyacente."
}
],
"id": "CVE-2024-22274",
"lastModified": "2025-06-27T13:37:52.240",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "security@vmware.com",
"type": "Secondary"
}
]
},
"published": "2024-05-21T18:15:09.190",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-30 16:15
Modified
2025-05-14 16:46
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
VMware Aria Operations for Logs contains a privilege escalation vulnerability. A malicious actor with non-administrative privileges and network access to Aria Operations for Logs API may be able to perform certain operations in the context of an admin user.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_operations_for_logs | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7883672C-8E78-4378-9EAB-42A656006A72",
"versionEndExcluding": "8.18.3",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8A0BB4-A21B-4914-8F4B-37D300A4BBB9",
"versionEndIncluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations for Logs contains a privilege escalation\u00a0vulnerability.\u00a0A malicious actor with non-administrative privileges and network access to Aria Operations for Logs API may be able to perform certain operations in the context of an admin user."
},
{
"lang": "es",
"value": "VMware Aria Operations for Logs contiene una vulnerabilidad de escalada de privilegios. Un actor malintencionado con privilegios no administrativos y acceso de red a la API de Aria Operations for Logs podr\u00eda realizar determinadas operaciones en el contexto de un usuario administrador."
}
],
"id": "CVE-2025-22220",
"lastModified": "2025-05-14T16:46:59.413",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-30T16:15:31.143",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25329"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-13 16:15
Modified
2025-04-22 16:15
Severity ?
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0030.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0030.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | 3.10 | |
| vmware | cloud_foundation | 3.11 | |
| vmware | cloud_foundation | 4.3.11 | |
| vmware | cloud_foundation | 4.4 | |
| vmware | cloud_foundation | 4.4.1 | |
| vmware | cloud_foundation | 4.4.1.1 | |
| vmware | cloud_foundation | 4.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F22BFA96-7E07-4E05-90A4-45A2F2FC2064",
"versionEndExcluding": "3.10",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "256BB2E8-4129-42FD-9C90-7A37778D21A2",
"versionEndExcluding": "4.3.11",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10:-:*:*:*:*:*:*",
"matchCriteriaId": "2AAFA3FB-BB6F-4C17-9D99-2E1DC108BBD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.11:-:*:*:*:*:*:*",
"matchCriteriaId": "E6482E11-7F75-46D6-8039-486EF8C446A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "0BB8D47C-637F-4F1F-9CCF-AF60B6EF4D4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B0AA0D-0BE2-40C5-A432-F607EF66829C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C767B9C-CDAC-4651-B696-589726CDD5C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E216CBB-8C99-46AA-B195-E16393354D14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E62468B0-963B-4035-81CA-86F5273A33F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C565246C-896C-4E48-8C24-344C9B0A3057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202007001:*:*:*:*:*:*",
"matchCriteriaId": "8479F377-4F47-433D-867D-A94A4B0E46EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202010001:*:*:*:*:*:*",
"matchCriteriaId": "ECC2468D-6B23-4C7E-951B-DDA8DD17B51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011001:*:*:*:*:*:*",
"matchCriteriaId": "2CB7210B-C9FC-41FA-A258-1F6EC737E9BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011002:*:*:*:*:*:*",
"matchCriteriaId": "3279299C-37AD-47DF-B22A-20562D13AD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102001:*:*:*:*:*:*",
"matchCriteriaId": "91032EB0-AC08-459A-8D78-C7412AE64E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102002:*:*:*:*:*:*",
"matchCriteriaId": "7C5987AE-6E37-4470-A192-5E2F1C999F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102003:*:*:*:*:*:*",
"matchCriteriaId": "F603C437-FC49-4CCA-8A1A-3264CAE794B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202107001:*:*:*:*:*:*",
"matchCriteriaId": "71684485-BAD3-40F3-A286-5B9072F0B778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202110001:*:*:*:*:*:*",
"matchCriteriaId": "2DF896B5-0B7D-4C92-93D4-57A003378972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202202001:*:*:*:*:*:*",
"matchCriteriaId": "BAB02C0E-619B-45F4-83FE-28E662FF6EA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202205001:*:*:*:*:*:*",
"matchCriteriaId": "B61AF0C6-B439-4132-AAB5-16125798E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202207001:*:*:*:*:*:*",
"matchCriteriaId": "B65A181F-12C4-49FE-A11C-830FE15B13FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201-ug:*:*:*:*:*:*",
"matchCriteriaId": "7264CDC9-FB2D-45A9-9307-C197B1052477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202-ug:*:*:*:*:*:*",
"matchCriteriaId": "D0538570-759A-441A-BC37-556642C090F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203-ug:*:*:*:*:*:*",
"matchCriteriaId": "9CF906E5-A846-49BA-925B-C6059FD02BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204-ug:*:*:*:*:*:*",
"matchCriteriaId": "7D3D0230-53D4-469F-AD46-74F057F6F9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205-ug:*:*:*:*:*:*",
"matchCriteriaId": "8D8E89CE-C919-4CDF-98BE-BA9A126B36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206-ug:*:*:*:*:*:*",
"matchCriteriaId": "73DA1453-4756-4C16-9640-B3B0C6F617DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207-ug:*:*:*:*:*:*",
"matchCriteriaId": "589EE886-6927-4AEA-903C-155C23B1747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BDDFA27-0D99-4D98-B00F-5D038488BAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209-ug:*:*:*:*:*:*",
"matchCriteriaId": "3F931502-8460-4373-92D7-CFD817F4A062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210-ug:*:*:*:*:*:*",
"matchCriteriaId": "287D4E48-4890-46C2-8B9B-1CE484C9D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211-ug:*:*:*:*:*:*",
"matchCriteriaId": "A916EB29-ADE4-4D65-BF8E-98B44E466AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212-ug:*:*:*:*:*:*",
"matchCriteriaId": "BC024B88-DEDD-49E5-B668-5B00C212B6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213-ug:*:*:*:*:*:*",
"matchCriteriaId": "DB9F131B-46BE-44F8-904B-FD0839926B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214-ug:*:*:*:*:*:*",
"matchCriteriaId": "BA2195E5-3BAD-4E90-BE40-A59C0A6A9EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215-ug:*:*:*:*:*:*",
"matchCriteriaId": "1503D3D9-E1A7-41F9-B26D-0AED8ABE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216-ug:*:*:*:*:*:*",
"matchCriteriaId": "7BD28EE0-808D-4A76-B707-F163527608C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217-ug:*:*:*:*:*:*",
"matchCriteriaId": "79225541-575F-44FC-8ED6-24BA6A4128EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218-ug:*:*:*:*:*:*",
"matchCriteriaId": "8A4A62CD-A46B-4612-9DC8-7744E6D5EA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219-ug:*:*:*:*:*:*",
"matchCriteriaId": "D526CE1D-ED76-44EB-9377-53EF7556E254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220-ug:*:*:*:*:*:*",
"matchCriteriaId": "D7E92A1C-40EB-441B-A634-42609527210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221-ug:*:*:*:*:*:*",
"matchCriteriaId": "111A10BE-FC5A-4272-9719-1DED62694A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222-ug:*:*:*:*:*:*",
"matchCriteriaId": "FC65FCFC-CD55-401A-8986-A1DBF544D228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223-ug:*:*:*:*:*:*",
"matchCriteriaId": "EEBD3AEC-284C-44E1-A4CD-010787114737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224-ug:*:*:*:*:*:*",
"matchCriteriaId": "42F87C20-5A00-43C9-A445-50AD716233D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225-ug:*:*:*:*:*:*",
"matchCriteriaId": "C1412AFC-CBE8-4151-B01D-785F11ACAB85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226-ug:*:*:*:*:*:*",
"matchCriteriaId": "6431DD1F-2269-4AFB-B486-9B6373F41C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BA5D0CB-E5B0-4C95-91A7-C662BAE01483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228-ug:*:*:*:*:*:*",
"matchCriteriaId": "A86BDAB4-3924-45A8-9130-517DEA184FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229-ug:*:*:*:*:*:*",
"matchCriteriaId": "A6EAE07B-2849-4E3B-B8D0-F68E6440A9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201911001:*:*:*:*:*:*",
"matchCriteriaId": "2130E67D-7F2A-4D82-BEFD-BA42B6B6FDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*",
"matchCriteriaId": "497F58A2-0A2C-4A59-A73B-31C956EF3CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202010001:*:*:*:*:*:*",
"matchCriteriaId": "18E8632C-E442-4F18-BFE2-96AE5C839F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011001:*:*:*:*:*:*",
"matchCriteriaId": "13D69B99-CB36-45DD-9FD9-C58186998200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011002:*:*:*:*:*:*",
"matchCriteriaId": "EF0BC157-1834-46D8-9BF9-0CE9648C7D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202102001:*:*:*:*:*:*",
"matchCriteriaId": "728136B6-47A7-42BC-9464-7745E4F2B4FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202103001:*:*:*:*:*:*",
"matchCriteriaId": "3967967A-E0A5-45B3-999C-D749A9B0C791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202111001:*:*:*:*:*:*",
"matchCriteriaId": "8220EA95-39E0-46FA-98B2-5C793E3CE1CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202201001:*:*:*:*:*:*",
"matchCriteriaId": "E0CB425E-5551-4E9F-A4FD-6F36A25498CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202206001:*:*:*:*:*:*",
"matchCriteriaId": "3FBE46D6-279C-42B1-8555-48F415469852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202207001:*:*:*:*:*:*",
"matchCriteriaId": "525A7859-4B5C-430F-85C3-A0BCBD4346D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1e:*:*:*:*:*:*",
"matchCriteriaId": "2E6DE184-35C8-4A13-91D4-4B43E9F0168C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:*",
"matchCriteriaId": "39817170-5C45-4F8A-916D-81B7352055DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
"matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*",
"matchCriteriaId": "C77771B2-BC64-47A5-B6DB-9CBCC4456B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3f:*:*:*:*:*:*",
"matchCriteriaId": "86DE9CE6-F6C0-47D2-B3AB-34852A8B9603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3g:*:*:*:*:*:*",
"matchCriteriaId": "E75B2F03-702E-4359-9BB2-E234F1DC38C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox."
},
{
"lang": "es",
"value": "VMware ESXi contiene una vulnerabilidad de corrupci\u00f3n de memoria que existe en la forma en que maneja un socket de red. Un actor malintencionado con acceso local a ESXi puede aprovechar este problema para da\u00f1ar la memoria y provocar un escape del entorno limitado de ESXi."
}
],
"id": "CVE-2022-31696",
"lastModified": "2025-04-22T16:15:29.273",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-12-13T16:15:19.733",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-26 12:15
Modified
2025-05-14 16:43
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to a root user on the appliance running VMware Aria Operations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_operations | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_operations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E1C524-50BF-4B3E-9385-935660A1CC14",
"versionEndExcluding": "8.18.2",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8A0BB4-A21B-4914-8F4B-37D300A4BBB9",
"versionEndIncluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains a local privilege escalation vulnerability.\u00a0\u00a0A malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to \u00a0a root user on the appliance running VMware Aria Operations."
},
{
"lang": "es",
"value": "VMware Aria Operations contiene una vulnerabilidad de escalada de privilegios locales. Un agente malintencionado con privilegios administrativos locales puede insertar comandos maliciosos en el archivo de propiedades para escalar privilegios a un usuario ra\u00edz en el dispositivo que ejecuta VMware Aria Operations."
}
],
"id": "CVE-2024-38831",
"lastModified": "2025-05-14T16:43:22.730",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-11-26T12:15:18.590",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25199"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-10 18:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/167733/VMware-Security-Advisory-2022-0025.2.html | Release Notes, Third Party Advisory, VDB Entry | |
| security@vmware.com | http://packetstormsecurity.com/files/167795/VMware-Security-Advisory-2021-0025.3.html | Release Notes, Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0025.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/167733/VMware-Security-Advisory-2022-0025.2.html | Release Notes, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/167795/VMware-Security-Advisory-2021-0025.3.html | Release Notes, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0025.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEBD9C21-C9E9-45EB-8370-B499C0B9290A",
"versionEndIncluding": "3.10.2.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DD4BE55-532A-4423-B658-4D658BA841AD",
"versionEndIncluding": "4.1.0.1",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de escalada de privilegios en el mecanismo de autenticaci\u00f3n IWA (Integrated Windows Authentication). Un actor malicioso con acceso no administrativo a vCenter Server podr\u00eda explotar este problema para elevar los privilegios a un grupo con mayores privilegios"
}
],
"id": "CVE-2021-22048",
"lastModified": "2024-11-21T05:49:29.947",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-10T18:15:08.037",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Release Notes",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167733/VMware-Security-Advisory-2022-0025.2.html"
},
{
"source": "security@vmware.com",
"tags": [
"Release Notes",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167795/VMware-Security-Advisory-2021-0025.3.html"
},
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167733/VMware-Security-Advisory-2022-0025.2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167795/VMware-Security-Advisory-2021-0025.3.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0025.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-30 18:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0018.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0018.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | vrealize_operations_manager | * | |
| vmware | vrealize_operations_manager | 7.5.0 | |
| vmware | vrealize_suite_lifecycle_manager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE39D06C-8AF4-4978-BCFD-80FB0A36C93A",
"versionEndIncluding": "3.10.2.1",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6A3FA17-BA09-499D-BAC7-053B380DF443",
"versionEndIncluding": "4.2.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B12F2BE9-8DA7-4BF0-85C0-0B5D6C4532A8",
"versionEndExcluding": "8.5.0",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC6471F-2FB5-4C7A-9B5D-0B08A8E2C08C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4767C7D-8165-43A6-8F16-12F8EE65FDFB",
"versionEndIncluding": "8.2",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure."
},
{
"lang": "es",
"value": "La API de vRealize Operations Manager (versiones 8.x anteriores a 8.5) contiene una falsificaci\u00f3n de petici\u00f3n del lado del servidor en un endpoint. Un actor malicioso no autenticado con acceso a la red a la API de vRealize Operations Manager puede realizar un ataque de tipo Server Side Request Forgery, conllevando a una divulgaci\u00f3n de informaci\u00f3n."
}
],
"id": "CVE-2021-22027",
"lastModified": "2024-11-21T05:49:27.970",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-30T18:15:08.463",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-18 06:15
Modified
2025-06-20 19:08
Severity ?
Summary
The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CC974CA1-88D3-42E4-BF1F-28870F8171B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "EFE63984-F69B-4593-9AEC-D179D6D98B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "34D1F3B3-8E3F-4E4D-8EE6-2F593663B5CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "16F3D992-9F48-4604-9AAF-DC2D1CE98BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "C745A7E6-4760-48CD-B7C4-1C2C20217F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "A5522514-8ED9-45DB-9036-33FE40D77E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1b:*:*:*:*:*:*",
"matchCriteriaId": "8C27C660-E917-4944-8B4C-41D9622B76D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "56CFB469-B3E6-4503-A47C-D18206D4D19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "67024A43-9E13-4F4E-B711-731792DA3840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1e:*:*:*:*:*:*",
"matchCriteriaId": "1188E9D6-53AD-40D0-8146-3728D071008D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "604F559F-1775-4F29-996E-9079B99345B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "61DC9400-5AEE-49AC-9925-0A96E32BD8C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "98C1B77E-AB0E-4E8A-8294-2D3D230CDF9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "8EC8BEF1-7908-46C0-841A-834778D1A863",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "188E103E-9568-4CE0-A984-141B2A9E82D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*",
"matchCriteriaId": "B266439F-E911-4C95-9D27-88DF96DDCCD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "6508A908-EF14-4A72-AC75-5DA6F8B98A0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*",
"matchCriteriaId": "3BAD2012-5C82-4EA9-A780-9BF1DA5A18AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*",
"matchCriteriaId": "58597F18-0B23-4D21-9ABA-D9773958F10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*",
"matchCriteriaId": "ADF46C54-313B-4742-A074-EEA0A6554680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*",
"matchCriteriaId": "9587F800-57BC-44B6-870E-95691684FC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:*",
"matchCriteriaId": "AD148A75-5076-416D-AFD6-0F281DA0A82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:*",
"matchCriteriaId": "956CEA8C-F8C4-41BD-85B4-44FE3A772E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:*",
"matchCriteriaId": "008AEA0F-116B-4AF8-B3A7-3041CCE25235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3i:*:*:*:*:*:*",
"matchCriteriaId": "EE486B2F-AED4-4FCE-A674-DFC25844FEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3j:*:*:*:*:*:*",
"matchCriteriaId": "4F73AA9E-51E9-4FA0-813D-AD05FDC3EF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3k:*:*:*:*:*:*",
"matchCriteriaId": "455DD46E-A071-476D-8914-767485E45F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3l:*:*:*:*:*:*",
"matchCriteriaId": "3A422D04-48DF-4A16-94F8-D5702CC2782D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3m:*:*:*:*:*:*",
"matchCriteriaId": "806E9219-CDF4-4E62-978E-334E96A94BA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3n:*:*:*:*:*:*",
"matchCriteriaId": "34D8B182-4E71-4655-8DD8-743A3EF6DC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3o:*:*:*:*:*:*",
"matchCriteriaId": "8D8F6CC7-6B6D-4079-9E2C-A85C4616FF92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3p:*:*:*:*:*:*",
"matchCriteriaId": "A814F0AB-4AEB-4139-976F-425A4A9EC67B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3q:*:*:*:*:*:*",
"matchCriteriaId": "8002080A-D384-4CE4-B9FC-1C6C89BA756C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8DFE6-9C74-4711-A8AF-3B170876A1F9",
"versionEndExcluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo.\u00a0An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance."
},
{
"lang": "es",
"value": "vCenter Server contiene m\u00faltiples vulnerabilidades de escalada de privilegios locales debido a una mala configuraci\u00f3n de sudo. Un usuario local autenticado con privilegios no administrativos puede aprovechar estos problemas para elevar los privilegios a root en vCenter Server Appliance."
}
],
"id": "CVE-2024-37081",
"lastModified": "2025-06-20T19:08:08.187",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "security@vmware.com",
"type": "Secondary"
}
]
},
"published": "2024-06-18T06:15:11.900",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-556"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-30 16:15
Modified
2025-05-14 16:47
Severity ?
5.2 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
VMware Aria Operation for Logs contains a stored cross-site scripting vulnerability. A malicious actor with admin privileges to VMware Aria Operations for Logs may be able to inject a malicious script that could be executed in a victim's browser when performing a delete action in the Agent Configuration.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_operations_for_logs | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7883672C-8E78-4378-9EAB-42A656006A72",
"versionEndExcluding": "8.18.3",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8A0BB4-A21B-4914-8F4B-37D300A4BBB9",
"versionEndIncluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operation for Logs contains a stored cross-site scripting vulnerability.\u00a0A malicious actor with admin privileges to VMware Aria Operations for Logs may be able to inject a malicious script that could be executed in a victim\u0027s browser when performing a delete action in the Agent Configuration."
},
{
"lang": "es",
"value": "VMware Aria Operation for Logs contiene una vulnerabilidad Cross-Site Scripting Almacenado. Un actor malintencionado con privilegios de administrador en VMware Aria Operations for Logs podr\u00eda inyectar un script malicioso que podr\u00eda ejecutarse en el navegador de una v\u00edctima al realizar una acci\u00f3n de eliminaci\u00f3n en la configuraci\u00f3n del agente."
}
],
"id": "CVE-2025-22221",
"lastModified": "2025-05-14T16:47:14.977",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 4.2,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-30T16:15:31.257",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25329"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 12:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains a denial-of-service vulnerability in VPXD service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to create a denial of service condition due to excessive memory consumption by VPXD service.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a denial-of-service vulnerability in VPXD service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to create a denial of service condition due to excessive memory consumption by VPXD service."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de denegaci\u00f3n de servicio en el servicio VPXD. Un actor malicioso con acceso de red al puerto 443 en vCenter Server puede explotar este problema para crear una condici\u00f3n de denegaci\u00f3n de servicio debido al consumo excesivo de memoria por parte del servicio VPXD"
}
],
"id": "CVE-2021-22010",
"lastModified": "2024-11-21T05:49:26.063",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T12:15:07.940",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-21 18:15
Modified
2025-03-26 16:15
Severity ?
8.1 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on the hypervisor from a virtual machine in conjunction with other issues.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | workstation | * | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | fusion | * | |
| apple | macos | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6C5CFA-E78F-46EA-B8E0-8AE2A29C9586",
"versionEndExcluding": "5.1.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BFB423-5C6D-40F3-960A-53D9955E7621",
"versionEndExcluding": "17.5.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1e:*:*:*:*:*:*",
"matchCriteriaId": "2E6DE184-35C8-4A13-91D4-4B43E9F0168C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:*",
"matchCriteriaId": "39817170-5C45-4F8A-916D-81B7352055DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "4ADC3CFF-7415-46A5-817A-2F053B261E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
"matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*",
"matchCriteriaId": "C77771B2-BC64-47A5-B6DB-9CBCC4456B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3f:*:*:*:*:*:*",
"matchCriteriaId": "86DE9CE6-F6C0-47D2-B3AB-34852A8B9603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3g:*:*:*:*:*:*",
"matchCriteriaId": "E75B2F03-702E-4359-9BB2-E234F1DC38C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3i:*:*:*:*:*:*",
"matchCriteriaId": "ACAA9494-5248-4B01-8BC1-C38AB615FFD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3j:*:*:*:*:*:*",
"matchCriteriaId": "BF12014B-BF2B-42EF-B70C-59CDA8E2176F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3k:*:*:*:*:*:*",
"matchCriteriaId": "F965D853-EE4A-41F5-840B-2D009ACC9754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3l:*:*:*:*:*:*",
"matchCriteriaId": "BA7B7313-FF53-43C9-AF4D-B639053D3FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3m:*:*:*:*:*:*",
"matchCriteriaId": "9FB5738F-27E4-42C6-BD1B-F7F66A7EF0A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3n:*:*:*:*:*:*",
"matchCriteriaId": "FC3668A6-262B-42BF-9E90-28BAA9BB3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3o:*:*:*:*:*:*",
"matchCriteriaId": "DA4E9185-44BA-41E6-8600-C8616E199334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3p:*:*:*:*:*:*",
"matchCriteriaId": "F50302BB-B950-4178-A109-358393E0A50A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "7A1A402A-9262-4B97-A0B7-E5AE045E394D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "FE44B379-9943-4DD1-8514-26F87482AFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "2A797377-8945-4D75-AA68-A768855E5842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "79D84D76-54BE-49E9-905C-7D65B4B42D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2F8767F7-7C3D-457D-9EAC-E8A30796F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "29AF8474-2D7A-4C5A-82B9-7A873AD90C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "7781A2CA-D927-48CD-9932-AE42B7BA1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "360C1B71-5360-4379-B0DE-63BB8F5E6DA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50649AB8-57FD-4210-A7F4-3AD7D00F6A91",
"versionEndExcluding": "13.5.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability.\u00a0A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on the hypervisor from a virtual machine in conjunction with other issues."
},
{
"lang": "es",
"value": "Los controladores de almacenamiento en VMware ESXi, Workstation y Fusion tienen una vulnerabilidad de lectura/escritura fuera de los l\u00edmites. Un actor malintencionado con acceso a una m\u00e1quina virtual con controladores de almacenamiento habilitados puede aprovechar este problema para crear una condici\u00f3n de denegaci\u00f3n de servicio o ejecutar c\u00f3digo en el hipervisor desde una m\u00e1quina virtual junto con otros problemas."
}
],
"id": "CVE-2024-22273",
"lastModified": "2025-03-26T16:15:19.423",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.4,
"impactScore": 6.0,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-05-21T18:15:08.993",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-25 15:15
Modified
2025-06-27 13:39
Severity ?
Summary
VMware ESXi contains an out-of-bounds read vulnerability. A
malicious actor with local administrative privileges on a virtual
machine with an existing snapshot may trigger an out-of-bounds read
leading to a denial-of-service condition of the host.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8DFE6-9C74-4711-A8AF-3B170876A1F9",
"versionEndExcluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1e:*:*:*:*:*:*",
"matchCriteriaId": "2E6DE184-35C8-4A13-91D4-4B43E9F0168C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:*",
"matchCriteriaId": "39817170-5C45-4F8A-916D-81B7352055DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "4ADC3CFF-7415-46A5-817A-2F053B261E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
"matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*",
"matchCriteriaId": "C77771B2-BC64-47A5-B6DB-9CBCC4456B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3f:*:*:*:*:*:*",
"matchCriteriaId": "86DE9CE6-F6C0-47D2-B3AB-34852A8B9603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3g:*:*:*:*:*:*",
"matchCriteriaId": "E75B2F03-702E-4359-9BB2-E234F1DC38C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3i:*:*:*:*:*:*",
"matchCriteriaId": "ACAA9494-5248-4B01-8BC1-C38AB615FFD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3j:*:*:*:*:*:*",
"matchCriteriaId": "BF12014B-BF2B-42EF-B70C-59CDA8E2176F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3k:*:*:*:*:*:*",
"matchCriteriaId": "F965D853-EE4A-41F5-840B-2D009ACC9754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3l:*:*:*:*:*:*",
"matchCriteriaId": "BA7B7313-FF53-43C9-AF4D-B639053D3FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3m:*:*:*:*:*:*",
"matchCriteriaId": "9FB5738F-27E4-42C6-BD1B-F7F66A7EF0A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3n:*:*:*:*:*:*",
"matchCriteriaId": "FC3668A6-262B-42BF-9E90-28BAA9BB3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3o:*:*:*:*:*:*",
"matchCriteriaId": "DA4E9185-44BA-41E6-8600-C8616E199334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3p:*:*:*:*:*:*",
"matchCriteriaId": "F50302BB-B950-4178-A109-358393E0A50A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "7A1A402A-9262-4B97-A0B7-E5AE045E394D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "FE44B379-9943-4DD1-8514-26F87482AFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "2A797377-8945-4D75-AA68-A768855E5842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "79D84D76-54BE-49E9-905C-7D65B4B42D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:d:*:*:*:*:*:*",
"matchCriteriaId": "E3BC5C77-258A-4920-B217-396212056B14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:e:*:*:*:*:*:*",
"matchCriteriaId": "17D484EB-037C-46E2-ADDF-846B3A02843F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2F8767F7-7C3D-457D-9EAC-E8A30796F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "29AF8474-2D7A-4C5A-82B9-7A873AD90C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "7781A2CA-D927-48CD-9932-AE42B7BA1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "18FD08C9-5895-4BF4-BBE0-C2DDA5F6B836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "360C1B71-5360-4379-B0DE-63BB8F5E6DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2b:*:*:*:*:*:*",
"matchCriteriaId": "B16ED7C1-9881-452A-8BE0-EDDEAEFE3D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "ED92209F-FBD6-43F9-9A15-3842B139FCC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "C37C4F29-E18F-439B-83A2-16457D04BEE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi contains an out-of-bounds read vulnerability.\u00a0A\n malicious actor with local administrative privileges on a virtual \nmachine with an existing snapshot may trigger an out-of-bounds read \nleading to a denial-of-service condition of the host."
},
{
"lang": "es",
"value": "VMware ESXi contiene una vulnerabilidad de lectura fuera de los l\u00edmites. Un actor malintencionado con privilegios administrativos locales en una m\u00e1quina virtual con una instant\u00e1nea existente puede desencadenar una lectura fuera de los l\u00edmites que provoque una condici\u00f3n de denegaci\u00f3n de servicio del host."
}
],
"id": "CVE-2024-37086",
"lastModified": "2025-06-27T13:39:14.217",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 4.2,
"source": "security@vmware.com",
"type": "Secondary"
}
]
},
"published": "2024-06-25T15:15:12.570",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-05-21 18:15
Modified
2025-06-27 13:38
Severity ?
Summary
The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6C5CFA-E78F-46EA-B8E0-8AE2A29C9586",
"versionEndExcluding": "5.1.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "188E103E-9568-4CE0-A984-141B2A9E82D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*",
"matchCriteriaId": "B266439F-E911-4C95-9D27-88DF96DDCCD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "6508A908-EF14-4A72-AC75-5DA6F8B98A0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*",
"matchCriteriaId": "3BAD2012-5C82-4EA9-A780-9BF1DA5A18AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*",
"matchCriteriaId": "58597F18-0B23-4D21-9ABA-D9773958F10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*",
"matchCriteriaId": "ADF46C54-313B-4742-A074-EEA0A6554680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*",
"matchCriteriaId": "9587F800-57BC-44B6-870E-95691684FC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:*",
"matchCriteriaId": "AD148A75-5076-416D-AFD6-0F281DA0A82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:*",
"matchCriteriaId": "956CEA8C-F8C4-41BD-85B4-44FE3A772E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:*",
"matchCriteriaId": "008AEA0F-116B-4AF8-B3A7-3041CCE25235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3i:*:*:*:*:*:*",
"matchCriteriaId": "EE486B2F-AED4-4FCE-A674-DFC25844FEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3j:*:*:*:*:*:*",
"matchCriteriaId": "4F73AA9E-51E9-4FA0-813D-AD05FDC3EF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3k:*:*:*:*:*:*",
"matchCriteriaId": "455DD46E-A071-476D-8914-767485E45F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3l:*:*:*:*:*:*",
"matchCriteriaId": "3A422D04-48DF-4A16-94F8-D5702CC2782D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3m:*:*:*:*:*:*",
"matchCriteriaId": "806E9219-CDF4-4E62-978E-334E96A94BA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3n:*:*:*:*:*:*",
"matchCriteriaId": "34D8B182-4E71-4655-8DD8-743A3EF6DC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3o:*:*:*:*:*:*",
"matchCriteriaId": "8D8F6CC7-6B6D-4079-9E2C-A85C4616FF92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3p:*:*:*:*:*:*",
"matchCriteriaId": "A814F0AB-4AEB-4139-976F-425A4A9EC67B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CC974CA1-88D3-42E4-BF1F-28870F8171B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "EFE63984-F69B-4593-9AEC-D179D6D98B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "34D1F3B3-8E3F-4E4D-8EE6-2F593663B5CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "16F3D992-9F48-4604-9AAF-DC2D1CE98BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "C745A7E6-4760-48CD-B7C4-1C2C20217F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "A5522514-8ED9-45DB-9036-33FE40D77E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1b:*:*:*:*:*:*",
"matchCriteriaId": "8C27C660-E917-4944-8B4C-41D9622B76D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "56CFB469-B3E6-4503-A47C-D18206D4D19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "67024A43-9E13-4F4E-B711-731792DA3840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1e:*:*:*:*:*:*",
"matchCriteriaId": "1188E9D6-53AD-40D0-8146-3728D071008D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "604F559F-1775-4F29-996E-9079B99345B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "61DC9400-5AEE-49AC-9925-0A96E32BD8C0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a partial file read vulnerability.\u00a0A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data."
},
{
"lang": "es",
"value": " vCenter Server contiene una vulnerabilidad de lectura parcial de archivos. Un actor malintencionado con privilegios administrativos en el shell del dispositivo vCenter puede aprovechar este problema para leer parcialmente archivos arbitrarios que contengan datos confidenciales."
}
],
"id": "CVE-2024-22275",
"lastModified": "2025-06-27T13:38:06.967",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "security@vmware.com",
"type": "Secondary"
}
]
},
"published": "2024-05-21T18:15:09.383",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24308"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-11-20 20:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. A malicious actor with privileges within the VMX process only, may escalate their privileges on the affected system. Successful exploitation of this issue is only possible when chained with another vulnerability (e.g. CVE-2020-4004)
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0026.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0026.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1995769A-1AB9-47FA-966A-8E82D414161E",
"versionEndExcluding": "3.10.1.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBD2E65C-08C3-4116-9CAD-B0764EB025C8",
"versionEndExcluding": "4.1.0.1",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C565246C-896C-4E48-8C24-344C9B0A3057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202007001:*:*:*:*:*:*",
"matchCriteriaId": "8479F377-4F47-433D-867D-A94A4B0E46EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202010001:*:*:*:*:*:*",
"matchCriteriaId": "ECC2468D-6B23-4C7E-951B-DDA8DD17B51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011001:*:*:*:*:*:*",
"matchCriteriaId": "2CB7210B-C9FC-41FA-A258-1F6EC737E9BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011002:*:*:*:*:*:*",
"matchCriteriaId": "3279299C-37AD-47DF-B22A-20562D13AD80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201-ug:*:*:*:*:*:*",
"matchCriteriaId": "7264CDC9-FB2D-45A9-9307-C197B1052477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202-ug:*:*:*:*:*:*",
"matchCriteriaId": "D0538570-759A-441A-BC37-556642C090F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203-ug:*:*:*:*:*:*",
"matchCriteriaId": "9CF906E5-A846-49BA-925B-C6059FD02BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204-ug:*:*:*:*:*:*",
"matchCriteriaId": "7D3D0230-53D4-469F-AD46-74F057F6F9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205-ug:*:*:*:*:*:*",
"matchCriteriaId": "8D8E89CE-C919-4CDF-98BE-BA9A126B36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206-ug:*:*:*:*:*:*",
"matchCriteriaId": "73DA1453-4756-4C16-9640-B3B0C6F617DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207-ug:*:*:*:*:*:*",
"matchCriteriaId": "589EE886-6927-4AEA-903C-155C23B1747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BDDFA27-0D99-4D98-B00F-5D038488BAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209-ug:*:*:*:*:*:*",
"matchCriteriaId": "3F931502-8460-4373-92D7-CFD817F4A062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210-ug:*:*:*:*:*:*",
"matchCriteriaId": "287D4E48-4890-46C2-8B9B-1CE484C9D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211-ug:*:*:*:*:*:*",
"matchCriteriaId": "A916EB29-ADE4-4D65-BF8E-98B44E466AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212-ug:*:*:*:*:*:*",
"matchCriteriaId": "BC024B88-DEDD-49E5-B668-5B00C212B6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213-ug:*:*:*:*:*:*",
"matchCriteriaId": "DB9F131B-46BE-44F8-904B-FD0839926B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214-ug:*:*:*:*:*:*",
"matchCriteriaId": "BA2195E5-3BAD-4E90-BE40-A59C0A6A9EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215-ug:*:*:*:*:*:*",
"matchCriteriaId": "1503D3D9-E1A7-41F9-B26D-0AED8ABE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216-ug:*:*:*:*:*:*",
"matchCriteriaId": "7BD28EE0-808D-4A76-B707-F163527608C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217-ug:*:*:*:*:*:*",
"matchCriteriaId": "79225541-575F-44FC-8ED6-24BA6A4128EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218-ug:*:*:*:*:*:*",
"matchCriteriaId": "8A4A62CD-A46B-4612-9DC8-7744E6D5EA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219-ug:*:*:*:*:*:*",
"matchCriteriaId": "D526CE1D-ED76-44EB-9377-53EF7556E254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220-ug:*:*:*:*:*:*",
"matchCriteriaId": "D7E92A1C-40EB-441B-A634-42609527210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221-ug:*:*:*:*:*:*",
"matchCriteriaId": "111A10BE-FC5A-4272-9719-1DED62694A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222-ug:*:*:*:*:*:*",
"matchCriteriaId": "FC65FCFC-CD55-401A-8986-A1DBF544D228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223-ug:*:*:*:*:*:*",
"matchCriteriaId": "EEBD3AEC-284C-44E1-A4CD-010787114737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224-ug:*:*:*:*:*:*",
"matchCriteriaId": "42F87C20-5A00-43C9-A445-50AD716233D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225-ug:*:*:*:*:*:*",
"matchCriteriaId": "C1412AFC-CBE8-4151-B01D-785F11ACAB85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201911001:*:*:*:*:*:*",
"matchCriteriaId": "2130E67D-7F2A-4D82-BEFD-BA42B6B6FDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*",
"matchCriteriaId": "497F58A2-0A2C-4A59-A73B-31C956EF3CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202010001:*:*:*:*:*:*",
"matchCriteriaId": "18E8632C-E442-4F18-BFE2-96AE5C839F0E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. A malicious actor with privileges within the VMX process only, may escalate their privileges on the affected system. Successful exploitation of this issue is only possible when chained with another vulnerability (e.g. CVE-2020-4004)"
},
{
"lang": "es",
"value": "VMware ESXi (versiones 7.0 anteriores a ESXi70U1b-17168206, versiones 6.7 anteriores a ESXi670-202011101-SG, versiones 6.5 anteriores a ESXi650-202011301-SG), contiene una vulnerabilidad de escalada de privilegios que se presenta en la manera en que son administradas determinadas llamadas del sistema.\u0026#xa0;Un actor malicioso con privilegios dentro del proceso VMX \u00fanicamente, puede escalar sus privilegios en el sistema afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito de este problema es posible solo cuando est\u00e1 encadenado con otra vulnerabilidad (por ejemplo, CVE-2020-4004)"
}
],
"id": "CVE-2020-4005",
"lastModified": "2024-11-21T05:32:09.030",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-11-20T20:15:13.287",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0026.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-03-04 12:15
Modified
2025-04-10 19:19
Severity ?
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | cloud_foundation | - | |
| vmware | telco_cloud_infrastructure | 2.2 | |
| vmware | telco_cloud_infrastructure | 2.5 | |
| vmware | telco_cloud_infrastructure | 2.7 | |
| vmware | telco_cloud_infrastructure | 3.0 | |
| vmware | telco_cloud_platform | 2.0 | |
| vmware | telco_cloud_platform | 2.5 | |
| vmware | telco_cloud_platform | 2.7 | |
| vmware | telco_cloud_platform | 3.0 | |
| vmware | telco_cloud_platform | 4.0 | |
| vmware | telco_cloud_platform | 4.0.1 | |
| vmware | telco_cloud_platform | 5.0 |
{
"cisaActionDue": "2025-03-25",
"cisaExploitAdd": "2025-03-04",
"cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "VMware ESXi Arbitrary Write Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1e:*:*:*:*:*:*",
"matchCriteriaId": "2E6DE184-35C8-4A13-91D4-4B43E9F0168C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:*",
"matchCriteriaId": "39817170-5C45-4F8A-916D-81B7352055DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "4ADC3CFF-7415-46A5-817A-2F053B261E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
"matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*",
"matchCriteriaId": "C77771B2-BC64-47A5-B6DB-9CBCC4456B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3f:*:*:*:*:*:*",
"matchCriteriaId": "86DE9CE6-F6C0-47D2-B3AB-34852A8B9603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3g:*:*:*:*:*:*",
"matchCriteriaId": "E75B2F03-702E-4359-9BB2-E234F1DC38C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3i:*:*:*:*:*:*",
"matchCriteriaId": "ACAA9494-5248-4B01-8BC1-C38AB615FFD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3j:*:*:*:*:*:*",
"matchCriteriaId": "BF12014B-BF2B-42EF-B70C-59CDA8E2176F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3k:*:*:*:*:*:*",
"matchCriteriaId": "F965D853-EE4A-41F5-840B-2D009ACC9754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3l:*:*:*:*:*:*",
"matchCriteriaId": "BA7B7313-FF53-43C9-AF4D-B639053D3FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3m:*:*:*:*:*:*",
"matchCriteriaId": "9FB5738F-27E4-42C6-BD1B-F7F66A7EF0A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3n:*:*:*:*:*:*",
"matchCriteriaId": "FC3668A6-262B-42BF-9E90-28BAA9BB3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3o:*:*:*:*:*:*",
"matchCriteriaId": "DA4E9185-44BA-41E6-8600-C8616E199334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3p:*:*:*:*:*:*",
"matchCriteriaId": "F50302BB-B950-4178-A109-358393E0A50A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3q:*:*:*:*:*:*",
"matchCriteriaId": "BCCA4A31-1291-4FB4-9FA5-D2CCD086D660",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3r:*:*:*:*:*:*",
"matchCriteriaId": "78604FE5-510F-4979-B2E3-D36B3083224A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "7A1A402A-9262-4B97-A0B7-E5AE045E394D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "FE44B379-9943-4DD1-8514-26F87482AFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "2A797377-8945-4D75-AA68-A768855E5842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "79D84D76-54BE-49E9-905C-7D65B4B42D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2F8767F7-7C3D-457D-9EAC-E8A30796F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "29AF8474-2D7A-4C5A-82B9-7A873AD90C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "7781A2CA-D927-48CD-9932-AE42B7BA1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "18FD08C9-5895-4BF4-BBE0-C2DDA5F6B836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "360C1B71-5360-4379-B0DE-63BB8F5E6DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2b:*:*:*:*:*:*",
"matchCriteriaId": "B16ED7C1-9881-452A-8BE0-EDDEAEFE3D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "ED92209F-FBD6-43F9-9A15-3842B139FCC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "6B701151-1B57-4E2D-A9AB-586FACEA2385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_3b:*:*:*:*:*:*",
"matchCriteriaId": "4230B9AA-9E0C-4AE2-814D-8DD641394879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "F2FA150B-93E4-44D2-BF6D-347085A95776",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31A7BB38-3238-413E-9736-F1A165D40867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E46A694-8698-4283-9E25-01F222B63E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "59B9476F-E5E7-46B6-AC38-4630D0933462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9A045567-2563-4539-8E95-361087CB7762",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_infrastructure:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D11103A7-6AB5-4E78-BE11-BC2A04A09F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C5F01D7-2675-4D09-B52B-B02D0EF52AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F8D61F-6E8B-4EE3-91DE-EBA6FF7D289E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B1E94D58-26A0-4E84-8CAD-F8CDB6707642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC33D39A-5760-467E-8284-F4E5D8082BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "448206AA-A023-4AA1-98FD-35BC2A2AB2B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F6E30F8-B977-40A5-9E45-89B5C5E59170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6B84F65-2E52-4445-8F97-2729B84B18E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi contains an arbitrary write\u00a0vulnerability.\u00a0A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox."
},
{
"lang": "es",
"value": "VMware ESXi contiene una vulnerabilidad de escritura arbitraria. Un actor malintencionado con privilegios dentro del proceso VMX puede activar una escritura arbitraria en el kernel que provoque un escape del entorno aislado."
}
],
"id": "CVE-2025-22225",
"lastModified": "2025-04-10T19:19:49.860",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-03-04T12:15:33.840",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-123"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-11-24 17:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0027.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0027.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | 3.0 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B4EACDFF-B042-4AC9-A87E-D8F27F7BBDAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_1:*:*:*:*:*:*",
"matchCriteriaId": "15255D34-EA1C-4ECC-A42B-BF30C76CD0E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "AAC2EF17-99FB-4619-A093-8DA02311DE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "A6C763C8-8B5D-4219-98BB-FBCF544F5373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "8C7AB0A5-FCA4-4782-875B-C5C3F08C3C5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_1e:*:*:*:*:*:*",
"matchCriteriaId": "8E75F600-0799-42BD-91A9-1742E86DAE7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_1g:*:*:*:*:*:*",
"matchCriteriaId": "C5F819AB-DDDA-49CE-ABF8-0766E8FC214E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_2:*:*:*:*:*:*",
"matchCriteriaId": "9087A90E-54B9-483D-B673-21C57B44706C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_2b:*:*:*:*:*:*",
"matchCriteriaId": "9237FAA7-E07F-47F1-A518-9C693EE3DA36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "FCB2E419-6088-423E-9CF3-878FBA365759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "572463FF-3FDF-4A0B-B46A-21633BF68575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_2g:*:*:*:*:*:*",
"matchCriteriaId": "F5F5B72F-CB59-41EB-87DF-C1C023BD2E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_3:*:*:*:*:*:*",
"matchCriteriaId": "84DCDFB0-E4B0-4B26-BB26-E08D278591AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_3d:*:*:*:*:*:*",
"matchCriteriaId": "EBD703BC-39D0-4F7B-B210-790430C8622E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_3f:*:*:*:*:*:*",
"matchCriteriaId": "97A33095-C15B-46EF-A817-0783329A83FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_3k:*:*:*:*:*:*",
"matchCriteriaId": "A11BB22E-5787-4335-8A54-DDBC36D5A3CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_3n:*:*:*:*:*:*",
"matchCriteriaId": "1C4A270B-D8F3-4582-B0F2-6BE1EC9F47A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_3p:*:*:*:*:*:*",
"matchCriteriaId": "517936D0-0FBA-45A2-B5FE-EBB14939E171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update_3q:*:*:*:*:*:*",
"matchCriteriaId": "7F3EF498-E22C-44BE-9A66-5C2DE2ABB696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_1:*:*:*:*:*:*",
"matchCriteriaId": "D7D1387A-B6E1-4CB0-9E7A-44856CE6BA8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "514A54F8-BC3C-4086-AF36-5F04CF15F263",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_2:*:*:*:*:*:*",
"matchCriteriaId": "B5BB7E8F-395F-4222-8F02-27A40490A588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "B44735EC-9EEC-46E6-BD2E-1AA73A3D4632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "DB137E84-2F63-400E-9936-F1E313245B6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_3:*:*:*:*:*:*",
"matchCriteriaId": "68F0E573-C385-481F-8829-12FBE9269B93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_3a:*:*:*:*:*:*",
"matchCriteriaId": "CAA1C918-B449-4964-820B-9702E6EEDC9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_3b:*:*:*:*:*:*",
"matchCriteriaId": "2DA3AC16-8836-41DD-98C5-00B2FF0A7B6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_3f:*:*:*:*:*:*",
"matchCriteriaId": "15FE3165-7056-46BC-88FD-66F033C24505",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_3g:*:*:*:*:*:*",
"matchCriteriaId": "D992B2FF-7F91-4BA3-97E2-ABEDC48940F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_3j:*:*:*:*:*:*",
"matchCriteriaId": "66E9E563-D0C3-4595-88A6-FD611C0AFC01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_3l:*:*:*:*:*:*",
"matchCriteriaId": "EF7D724D-CC0F-4E60-8E86-4875F3077C56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_3m:*:*:*:*:*:*",
"matchCriteriaId": "218878C7-8759-47EA-97AF-286D5062812C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_3n:*:*:*:*:*:*",
"matchCriteriaId": "0E92E11F-44FE-481C-9212-B0EE45B128A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_3o:*:*:*:*:*:*",
"matchCriteriaId": "7494090C-C5E4-46E9-8222-6096731FC7C7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information."
},
{
"lang": "es",
"value": "El cliente web de vSphere (FLEX/Flash), contiene una vulnerabilidad de lectura arbitraria de archivos no autorizada. Un actor malicioso con acceso a la red al puerto 443 en vCenter Server puede explotar este problema para conseguir acceso a informaci\u00f3n confidencial"
}
],
"id": "CVE-2021-21980",
"lastModified": "2024-11-21T05:49:21.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-11-24T17:15:07.623",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0027.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-16 17:15
Modified
2024-11-21 05:49
Severity ?
Summary
ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor with network access to ESXi may exploit this issue to create a denial-of-service condition by overwhelming rhttpproxy service with multiple requests.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0004.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0004.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28769D3C-0C46-4E6B-A8E2-75A7B64B1D47",
"versionEndExcluding": "3.11",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBED072F-DE79-41C6-AD4F-02E10BD27FBD",
"versionEndExcluding": "4.4",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201-ug:*:*:*:*:*:*",
"matchCriteriaId": "7264CDC9-FB2D-45A9-9307-C197B1052477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202-ug:*:*:*:*:*:*",
"matchCriteriaId": "D0538570-759A-441A-BC37-556642C090F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203-ug:*:*:*:*:*:*",
"matchCriteriaId": "9CF906E5-A846-49BA-925B-C6059FD02BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204-ug:*:*:*:*:*:*",
"matchCriteriaId": "7D3D0230-53D4-469F-AD46-74F057F6F9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205-ug:*:*:*:*:*:*",
"matchCriteriaId": "8D8E89CE-C919-4CDF-98BE-BA9A126B36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206-ug:*:*:*:*:*:*",
"matchCriteriaId": "73DA1453-4756-4C16-9640-B3B0C6F617DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207-ug:*:*:*:*:*:*",
"matchCriteriaId": "589EE886-6927-4AEA-903C-155C23B1747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BDDFA27-0D99-4D98-B00F-5D038488BAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209-ug:*:*:*:*:*:*",
"matchCriteriaId": "3F931502-8460-4373-92D7-CFD817F4A062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210-ug:*:*:*:*:*:*",
"matchCriteriaId": "287D4E48-4890-46C2-8B9B-1CE484C9D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211-ug:*:*:*:*:*:*",
"matchCriteriaId": "A916EB29-ADE4-4D65-BF8E-98B44E466AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212-ug:*:*:*:*:*:*",
"matchCriteriaId": "BC024B88-DEDD-49E5-B668-5B00C212B6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213-ug:*:*:*:*:*:*",
"matchCriteriaId": "DB9F131B-46BE-44F8-904B-FD0839926B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214-ug:*:*:*:*:*:*",
"matchCriteriaId": "BA2195E5-3BAD-4E90-BE40-A59C0A6A9EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215-ug:*:*:*:*:*:*",
"matchCriteriaId": "1503D3D9-E1A7-41F9-B26D-0AED8ABE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216-ug:*:*:*:*:*:*",
"matchCriteriaId": "7BD28EE0-808D-4A76-B707-F163527608C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217-ug:*:*:*:*:*:*",
"matchCriteriaId": "79225541-575F-44FC-8ED6-24BA6A4128EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218-ug:*:*:*:*:*:*",
"matchCriteriaId": "8A4A62CD-A46B-4612-9DC8-7744E6D5EA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219-ug:*:*:*:*:*:*",
"matchCriteriaId": "D526CE1D-ED76-44EB-9377-53EF7556E254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220-ug:*:*:*:*:*:*",
"matchCriteriaId": "D7E92A1C-40EB-441B-A634-42609527210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221-ug:*:*:*:*:*:*",
"matchCriteriaId": "111A10BE-FC5A-4272-9719-1DED62694A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222-ug:*:*:*:*:*:*",
"matchCriteriaId": "FC65FCFC-CD55-401A-8986-A1DBF544D228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223-ug:*:*:*:*:*:*",
"matchCriteriaId": "EEBD3AEC-284C-44E1-A4CD-010787114737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224-ug:*:*:*:*:*:*",
"matchCriteriaId": "42F87C20-5A00-43C9-A445-50AD716233D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225-ug:*:*:*:*:*:*",
"matchCriteriaId": "C1412AFC-CBE8-4151-B01D-785F11ACAB85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226-ug:*:*:*:*:*:*",
"matchCriteriaId": "6431DD1F-2269-4AFB-B486-9B6373F41C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BA5D0CB-E5B0-4C95-91A7-C662BAE01483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228-ug:*:*:*:*:*:*",
"matchCriteriaId": "A86BDAB4-3924-45A8-9130-517DEA184FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229-ug:*:*:*:*:*:*",
"matchCriteriaId": "A6EAE07B-2849-4E3B-B8D0-F68E6440A9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201911001:*:*:*:*:*:*",
"matchCriteriaId": "2130E67D-7F2A-4D82-BEFD-BA42B6B6FDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*",
"matchCriteriaId": "497F58A2-0A2C-4A59-A73B-31C956EF3CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202010001:*:*:*:*:*:*",
"matchCriteriaId": "18E8632C-E442-4F18-BFE2-96AE5C839F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011001:*:*:*:*:*:*",
"matchCriteriaId": "13D69B99-CB36-45DD-9FD9-C58186998200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011002:*:*:*:*:*:*",
"matchCriteriaId": "EF0BC157-1834-46D8-9BF9-0CE9648C7D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202102001:*:*:*:*:*:*",
"matchCriteriaId": "728136B6-47A7-42BC-9464-7745E4F2B4FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202103001:*:*:*:*:*:*",
"matchCriteriaId": "3967967A-E0A5-45B3-999C-D749A9B0C791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "4ADC3CFF-7415-46A5-817A-2F053B261E8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ESXi contains a slow HTTP POST denial-of-service vulnerability in rhttpproxy. A malicious actor with network access to ESXi may exploit this issue to create a denial-of-service condition by overwhelming rhttpproxy service with multiple requests."
},
{
"lang": "es",
"value": "ESXi contiene una vulnerabilidad de denegaci\u00f3n de servicio HTTP POST lenta en rhttpproxy. Un actor malicioso con acceso a la red de ESXi puede explotar este problema para crear una condici\u00f3n de denegaci\u00f3n de servicio al abrumar el servicio rhttpproxy con m\u00faltiples peticiones"
}
],
"id": "CVE-2021-22050",
"lastModified": "2024-11-21T05:49:30.187",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-16T17:15:10.653",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-26 15:15
Modified
2025-04-02 16:53
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html | Third Party Advisory, VDB Entry | |
| security@vmware.com | http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0010.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0010.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * |
{
"cisaActionDue": "2021-11-17",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "VMware vCenter Server Improper Input Validation Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*",
"matchCriteriaId": "CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*",
"matchCriteriaId": "1DD16169-A7DF-4604-888C-156A60018E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*",
"matchCriteriaId": "46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*",
"matchCriteriaId": "D26534EB-327B-4ED6-A3E1-005552CB1F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*",
"matchCriteriaId": "786CDD50-7E18-4437-8DB9-2D0ADECD436E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*",
"matchCriteriaId": "B2CE8DAE-0E78-4004-983D-1ECD8855EC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*",
"matchCriteriaId": "7E51F433-1152-4E94-AF77-970230B1A574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1b:*:*:*:*:*:*",
"matchCriteriaId": "0064D104-E0D8-481A-9029-D3726A1A9CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1c:*:*:*:*:*:*",
"matchCriteriaId": "9B4D3F61-6CD9-411F-A205-EB06A57EBB4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*",
"matchCriteriaId": "F72A1E9C-F960-4E8C-A46C-B38209E6349E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*",
"matchCriteriaId": "2C33CE46-F529-4EA9-9344-6ED3BFA7019D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*",
"matchCriteriaId": "9F1D8161-0E02-45C9-BF61-14799AB65E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "1F2CB1FF-6118-4875-945D-07BAA3A21FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*",
"matchCriteriaId": "1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*",
"matchCriteriaId": "BDDC6510-3116-4578-80C8-8EF044A8370A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*",
"matchCriteriaId": "8678DB48-CB98-4E4C-ADE6-CABA73265FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*",
"matchCriteriaId": "DBD9A341-1FBF-4E04-848B-550DEB27261A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "4955663C-1BB6-4F3E-9D4B-362DF144B7F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*",
"matchCriteriaId": "CE0F8453-3D6C-4F1C-9167-3F02E3D905DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*",
"matchCriteriaId": "0EAD4045-A7F9-464F-ABB9-3782941162CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*",
"matchCriteriaId": "2F0A79C2-33AE-40C5-A853-770A4C691F29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3n:*:*:*:*:*:*",
"matchCriteriaId": "D8BB6CBC-11D6-40A4-ABAF-53AB9BED5A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*",
"matchCriteriaId": "5241C282-A02B-44B2-B6CA-BA3A99F9737C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*",
"matchCriteriaId": "04A60AC7-C2EA-4DBF-9743-54D708584AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*",
"matchCriteriaId": "8A91B0C4-F184-459E-AFD3-DE0E351CC964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*",
"matchCriteriaId": "23253631-2655-48A8-9B00-CB984232329C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*",
"matchCriteriaId": "50C2A9A8-0E66-4702-BCD4-74622108E7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*",
"matchCriteriaId": "EE4D3E2A-C32D-408F-B811-EF8BC86F0D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*",
"matchCriteriaId": "31CA7802-D78D-4BAD-A45A-68B601C010C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*",
"matchCriteriaId": "3B98981B-4721-4752-BAB4-361DB5AEB86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*",
"matchCriteriaId": "04487105-980A-4943-9360-4442BF0411E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*",
"matchCriteriaId": "24D24E06-EB3F-4F11-849B-E66757B01466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*",
"matchCriteriaId": "8AF12716-88E2-44B5-ACD7-BCBECA130FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*",
"matchCriteriaId": "3352212C-E820-47B3-BDF5-57018F5B9E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*",
"matchCriteriaId": "6436ADFD-6B94-4D2A-B09B-CED4EC6CA276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*",
"matchCriteriaId": "D06832CE-F946-469D-B495-6735F18D02A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3l:*:*:*:*:*:*",
"matchCriteriaId": "726AC46D-9EA8-4FE8-94B8-0562935458F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3m:*:*:*:*:*:*",
"matchCriteriaId": "0243D22F-1591-4A95-A7FE-2658CEE0C08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E65D7D-C5C1-4F9B-A470-2B1E34D2C429",
"versionEndExcluding": "3.10.2.1",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD049DD-5223-42EA-BCBF-DC86C2A90D41",
"versionEndExcluding": "4.2.1",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server."
},
{
"lang": "es",
"value": "VSphere Client (HTML5) contiene una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota debido a una falta de comprobaci\u00f3n de entrada en el plugin Virtual SAN Health Check, que est\u00e1 habilitado por defecto en vCenter Server.\u0026#xa0;Un actor malicioso con acceso de red al puerto 443 puede explotar este problema para ejecutar comandos con privilegios ilimitados en el sistema operativo subyacente que aloja a vCenter Server"
}
],
"id": "CVE-2021-21985",
"lastModified": "2025-04-02T16:53:15.267",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2021-05-26T15:15:07.937",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"
},
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html"
},
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/163487/VMware-vCenter-Server-Virtual-SAN-Health-Check-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-470"
},
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-06-04 20:15
Modified
2025-07-14 17:22
Severity ?
Summary
VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | vmware_nsx | * | |
| broadcom | vmware_nsx | * | |
| broadcom | vmware_nsx | 4.2.2 | |
| vmware | cloud_foundation | * | |
| vmware | telco_cloud_infrastructure | * | |
| vmware | telco_cloud_platform | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:vmware_nsx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA802D68-9739-4EF6-8A2A-841E5A30B747",
"versionEndExcluding": "4.1.2.6",
"versionStartIncluding": "3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:vmware_nsx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA245FB-84B8-4B53-8697-029435CD793E",
"versionEndExcluding": "4.2.1.4",
"versionStartIncluding": "4.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:vmware_nsx:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3E4DA6-50BF-402E-AC32-29FB702C23DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2A1D50-E58C-4FB4-821E-CB17B4D6170C",
"versionEndIncluding": "5.2.1.2",
"versionStartIncluding": "4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "904AA81A-D1C3-4DAF-BB2C-C51FEDF5B3F6",
"versionEndIncluding": "3.0",
"versionStartIncluding": "2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E78094-639D-47D6-998B-4EB111E45D18",
"versionEndIncluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation."
},
{
"lang": "es",
"value": "VMware NSX contiene una vulnerabilidad de Cross-Site Scripting (XSS) almacenado en el firewall de puerta de enlace debido a una validaci\u00f3n de entrada incorrecta."
}
],
"id": "CVE-2025-22244",
"lastModified": "2025-07-14T17:22:22.200",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 4.7,
"source": "security@vmware.com",
"type": "Secondary"
}
]
},
"published": "2025-06-04T20:15:22.263",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25738"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-20 17:15
Modified
2025-08-13 12:52
Severity ?
Summary
VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0) contains a security vulnerability that exists in the way it allows a KVM host to download and install packages from NSX manager. A malicious actor with MITM positioning may be able to exploit this issue to compromise the transport node.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0023.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0023.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | vmware_nsx-t_data_center | * | |
| broadcom | vmware_nsx-t_data_center | * | |
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:vmware_nsx-t_data_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDCF754-3AC8-4668-84CB-952DBDD13888",
"versionEndExcluding": "2.5.2.2.0",
"versionStartIncluding": "2.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:vmware_nsx-t_data_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DD60B7F-6A04-436D-93EA-DC96ED89251B",
"versionEndExcluding": "3.0.2",
"versionStartIncluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A62C8589-3F25-4652-8CAA-EC10C64C2FF8",
"versionEndExcluding": "3.10.1.1",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2A68886-4079-4BE1-9E51-6022ED680B86",
"versionEndExcluding": "4.1",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0) contains a security vulnerability that exists in the way it allows a KVM host to download and install packages from NSX manager. A malicious actor with MITM positioning may be able to exploit this issue to compromise the transport node."
},
{
"lang": "es",
"value": "VMware NSX-T (versiones 3.x anteriores 3.0.2, versiones 2.5.x anteriores a 2.5.2.2.0), contiene una vulnerabilidad de seguridad que se presenta en la manera en que permite que un host KVM descargue e instale paquetes desde el administrador de NSX.\u0026#xa0;Un actor malicioso con posicionamiento MITM puede ser capaz de explotar este problema para comprometer el nodo de transporte"
}
],
"id": "CVE-2020-3993",
"lastModified": "2025-08-13T12:52:10.387",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-20T17:15:12.903",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 13:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "127DEE95-0B04-4A98-B96A-15CC253C7357",
"versionEndExcluding": "3.10.2.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "722CF000-C0A1-4704-BDC6-3446D1530F3B",
"versionEndExcluding": "4.3",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de denegaci\u00f3n de servicio en el servicio VAPI (vCenter API). Un actor malicioso con acceso a la red al puerto 5480 en vCenter Server puede explotar este problema mediante el env\u00edo de un mensaje jsonrpc especialmente dise\u00f1ado para crear una condici\u00f3n de denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-22019",
"lastModified": "2024-11-21T05:49:27.043",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T13:15:08.310",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-20 21:15
Modified
2025-02-05 16:15
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_operations_for_logs | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6EB0AB7-8866-4ED9-942C-FC7ADF40666B",
"versionEndExcluding": "8.12.0",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF004A8-90A0-4804-97DA-C2C2005A54AA",
"versionEndIncluding": "4.5",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root."
}
],
"id": "CVE-2023-20865",
"lastModified": "2025-02-05T16:15:34.283",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-04-20T21:15:08.670",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0007.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-24 17:15
Modified
2025-04-02 21:07
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0002.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0002.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 |
{
"cisaActionDue": "2021-11-17",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "VMware vCenter Server Remote Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1995769A-1AB9-47FA-966A-8E82D414161E",
"versionEndExcluding": "3.10.1.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A608D809-6E65-4228-9207-CB470529C542",
"versionEndExcluding": "4.2",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*",
"matchCriteriaId": "CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*",
"matchCriteriaId": "1DD16169-A7DF-4604-888C-156A60018E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*",
"matchCriteriaId": "46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*",
"matchCriteriaId": "D26534EB-327B-4ED6-A3E1-005552CB1F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*",
"matchCriteriaId": "786CDD50-7E18-4437-8DB9-2D0ADECD436E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*",
"matchCriteriaId": "B2CE8DAE-0E78-4004-983D-1ECD8855EC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*",
"matchCriteriaId": "F72A1E9C-F960-4E8C-A46C-B38209E6349E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*",
"matchCriteriaId": "2C33CE46-F529-4EA9-9344-6ED3BFA7019D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*",
"matchCriteriaId": "9F1D8161-0E02-45C9-BF61-14799AB65E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "1F2CB1FF-6118-4875-945D-07BAA3A21FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*",
"matchCriteriaId": "1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*",
"matchCriteriaId": "BDDC6510-3116-4578-80C8-8EF044A8370A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*",
"matchCriteriaId": "8678DB48-CB98-4E4C-ADE6-CABA73265FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*",
"matchCriteriaId": "DBD9A341-1FBF-4E04-848B-550DEB27261A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "4955663C-1BB6-4F3E-9D4B-362DF144B7F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*",
"matchCriteriaId": "CE0F8453-3D6C-4F1C-9167-3F02E3D905DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*",
"matchCriteriaId": "0EAD4045-A7F9-464F-ABB9-3782941162CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*",
"matchCriteriaId": "2F0A79C2-33AE-40C5-A853-770A4C691F29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*",
"matchCriteriaId": "5241C282-A02B-44B2-B6CA-BA3A99F9737C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*",
"matchCriteriaId": "04A60AC7-C2EA-4DBF-9743-54D708584AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*",
"matchCriteriaId": "8A91B0C4-F184-459E-AFD3-DE0E351CC964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*",
"matchCriteriaId": "23253631-2655-48A8-9B00-CB984232329C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*",
"matchCriteriaId": "50C2A9A8-0E66-4702-BCD4-74622108E7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*",
"matchCriteriaId": "EE4D3E2A-C32D-408F-B811-EF8BC86F0D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*",
"matchCriteriaId": "31CA7802-D78D-4BAD-A45A-68B601C010C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*",
"matchCriteriaId": "3B98981B-4721-4752-BAB4-361DB5AEB86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*",
"matchCriteriaId": "04487105-980A-4943-9360-4442BF0411E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*",
"matchCriteriaId": "24D24E06-EB3F-4F11-849B-E66757B01466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*",
"matchCriteriaId": "8AF12716-88E2-44B5-ACD7-BCBECA130FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*",
"matchCriteriaId": "3352212C-E820-47B3-BDF5-57018F5B9E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*",
"matchCriteriaId": "6436ADFD-6B94-4D2A-B09B-CED4EC6CA276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*",
"matchCriteriaId": "D06832CE-F946-469D-B495-6735F18D02A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2)."
},
{
"lang": "es",
"value": "El VSphere Client (HTML5) contiene una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en un plugin de vCenter Server.\u0026#xa0;Un actor malicioso con acceso de red al puerto 443 puede explotar este problema para ejecutar comandos con privilegios no restringidos en el sistema operativo subyacente que aloja vCenter Server.\u0026#xa0;Esto afecta a VMware vCenter Server (versiones 7.x anteriores a 7.0 U1c, versiones 6.7 anteriores a 6.7 U3l y versiones 6.5 anteriores a 6.5 U3n) y VMware Cloud Foundation (versiones 4.x anteriores a 4.2 y versiones 3.x anteriores a 3.10.1.2)"
}
],
"id": "CVE-2021-21972",
"lastModified": "2025-04-02T21:07:42.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2021-02-24T17:15:15.833",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html"
},
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html"
},
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html"
},
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/161590/VMware-vCenter-Server-7.0-Arbitrary-File-Upload.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/161695/VMware-vCenter-Server-File-Upload-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/163268/VMware-vCenter-6.5-6.7-7.0-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-18 12:15
Modified
2024-11-21 04:31
Severity ?
Summary
Harbor API has a Broken Access Control vulnerability. The vulnerability allows project administrators to use the Harbor API to create a robot account with unauthorized push and/or pull access permissions to a project they don't have access or control for. The Harbor API did not enforce the proper project permissions and project scope on the API request to create a new robot account.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.vmware.com/security/advisories/VMSA-2019-0016.html | Third Party Advisory | |
| cve@mitre.org | https://github.com/goharbor/harbor/security/advisories/GHSA-x2r2-w9c7-h624 | Patch, Third Party Advisory | |
| cve@mitre.org | https://landscape.cncf.io/selected=harbor | Product, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vmware.com/security/advisories/VMSA-2019-0016.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/goharbor/harbor/security/advisories/GHSA-x2r2-w9c7-h624 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://landscape.cncf.io/selected=harbor | Product, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | harbor | * | |
| linuxfoundation | harbor | 1.9.0 | |
| vmware | cloud_foundation | - | |
| vmware | harbor_container_registry | * | |
| vmware | harbor_container_registry | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:harbor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A78D74C0-A7FA-4F4E-9238-5A31F4C94A4D",
"versionEndIncluding": "1.8.3",
"versionStartIncluding": "1.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:linuxfoundation:harbor:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93DEFD35-079B-47BC-B82A-8C43804660C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31A7BB38-3238-413E-9736-F1A165D40867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:harbor_container_registry:*:*:*:*:*:pivotal_cloud_foundry:*:*",
"matchCriteriaId": "D927AFA0-8F21-48A5-9A0A-C62CF9AD786F",
"versionEndIncluding": "1.7.6",
"versionStartIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:harbor_container_registry:*:*:*:*:*:pivotal_cloud_foundry:*:*",
"matchCriteriaId": "D3848163-C044-4D72-A7DE-FE510C428596",
"versionEndExcluding": "1.8.4",
"versionStartIncluding": "1.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Harbor API has a Broken Access Control vulnerability. The vulnerability allows project administrators to use the Harbor API to create a robot account with unauthorized push and/or pull access permissions to a project they don\u0027t have access or control for. The Harbor API did not enforce the proper project permissions and project scope on the API request to create a new robot account."
},
{
"lang": "es",
"value": "La API de Harbor tiene una vulnerabilidad de Control de Acceso Interrumpido. La vulnerabilidad permite a los administradores de proyectos utilizar la API de Harbor para crear una cuenta robot con permisos de acceso no autorizados para presionar y/o arrastrar en un proyecto al que no tienen acceso o control. La API de Harbor aplic\u00f3 los permisos y el alcance del proyecto apropiados en la petici\u00f3n de API para crear una nueva cuenta robot."
}
],
"id": "CVE-2019-16919",
"lastModified": "2024-11-21T04:31:20.477",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-18T12:15:10.190",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2019-0016.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/goharbor/harbor/security/advisories/GHSA-x2r2-w9c7-h624"
},
{
"source": "cve@mitre.org",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://landscape.cncf.io/selected=harbor"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2019-0016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/goharbor/harbor/security/advisories/GHSA-x2r2-w9c7-h624"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product",
"Third Party Advisory"
],
"url": "https://landscape.cncf.io/selected=harbor"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-05-13 06:15
Modified
2025-07-11 14:27
Severity ?
Summary
VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_automation | 8.18.0 | |
| vmware | aria_automation | 8.18.1 | |
| vmware | aria_automation | 8.18.1 | |
| vmware | cloud_foundation | * | |
| vmware | telco_cloud_platform | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_automation:8.18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34CB9DCB-C7F6-48CE-B0CD-510B7E9E52D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_automation:8.18.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BA903210-107C-4005-9EBD-A62609D1081E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_automation:8.18.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "5495556A-74A4-4FA2-B48F-55E6B0F5875D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E48E9C72-7BD4-4CC7-B44A-B5A017451552",
"versionEndIncluding": "5.2.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DCC8565-8FB0-4A1D-A761-48B21155A5F6",
"versionEndIncluding": "5.0.1",
"versionStartIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability.\u00a0A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL."
},
{
"lang": "es",
"value": "La automatizaci\u00f3n de VMware Aria contiene una vulnerabilidad de Cross Site Scripting (XSS) basada en DOM. Un atacante malicioso podr\u00eda aprovechar esta vulnerabilidad para robar el token de acceso de un usuario conectado al dispositivo de automatizaci\u00f3n VMware Aria, enga\u00f1\u00e1ndolo para que haga clic en una URL maliciosa."
}
],
"id": "CVE-2025-22249",
"lastModified": "2025-07-11T14:27:30.537",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7,
"source": "security@vmware.com",
"type": "Secondary"
}
]
},
"published": "2025-05-13T06:15:36.403",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory",
"Patch"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25711"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-31 22:15
Modified
2024-11-21 05:49
Severity ?
Summary
VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. A malicious actor with network access to port 7443 may attempt user enumeration or brute force the login endpoint, which may or may not be practical based on lockout policy configuration and password complexity for the target account.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0016.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0016.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | identity_manager | 3.3.2 | |
| vmware | identity_manager | 3.3.3 | |
| vmware | identity_manager | 3.3.4 | |
| vmware | identity_manager | 3.3.5 | |
| vmware | workspace_one_access | 20.01 | |
| vmware | workspace_one_access | 20.10 | |
| vmware | workspace_one_access | 20.10.01 | |
| linux | linux_kernel | - | |
| vmware | cloud_foundation | 4.0 | |
| vmware | cloud_foundation | 4.0.1 | |
| vmware | cloud_foundation | 4.1 | |
| vmware | cloud_foundation | 4.1.0.1 | |
| vmware | cloud_foundation | 4.2.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.0 | |
| vmware | vrealize_suite_lifecycle_manager | 8.0.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22BC2D96-5922-4995-B006-1BAB5FE51D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97D98937-489B-4AA5-B99E-9AB639C582CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0E93CB5E-CB4A-474A-9901-2E098928C489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A215A7D-F644-41DE-AB4E-69145DA48F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.01:*:*:*:*:*:*:*",
"matchCriteriaId": "FFFD453B-7658-4FDA-BA4D-B13681F51724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EDC57F3A-E726-4EE5-924D-9C94FED4718D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6C2F7CB4-8425-4D9F-97FC-AD96D9ABC202",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38EB0C0C-56CF-4A8F-A36F-E0E180B9059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A54544F5-5929-4609-A91C-FCA0FDBFE862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA6D6348-E71A-4DA4-AC84-51397B2461A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8EC0B43-8667-45D6-BF97-03DDFFAD2AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4C5700-1AFE-49F6-AC92-09F2349345ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3318D91-40AC-4649-8FCD-4557C8F934B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A06C29AB-1EAF-43EF-96C3-9E3468911B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43723EC2-295E-4AF7-B654-70F9E42F4807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB84C30-EE5D-4C15-A74E-7B2B3E0DED4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. A malicious actor with network access to port 7443 may attempt user enumeration or brute force the login endpoint, which may or may not be practical based on lockout policy configuration and password complexity for the target account."
},
{
"lang": "es",
"value": "VMware Workspace ONE Access y Identity Manager, proporcionan sin intenci\u00f3n una interfaz de inicio de sesi\u00f3n en el puerto 7443. Un actor malicioso con acceso a la red al puerto 7443 puede intentar enumerar a usuarios o forzar el endpoint de inicio de sesi\u00f3n, que puede o no ser pr\u00e1ctico basado en la configuraci\u00f3n de la pol\u00edtica de bloqueo y la complejidad de la contrase\u00f1a de la cuenta de destino"
}
],
"id": "CVE-2021-22003",
"lastModified": "2024-11-21T05:49:25.333",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-31T22:15:08.367",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0016.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0016.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-307"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-05-26 15:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Server may perform actions allowed by the impacted plug-ins without authentication.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html | Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0010.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0010.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*",
"matchCriteriaId": "CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*",
"matchCriteriaId": "1DD16169-A7DF-4604-888C-156A60018E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*",
"matchCriteriaId": "46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*",
"matchCriteriaId": "D26534EB-327B-4ED6-A3E1-005552CB1F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*",
"matchCriteriaId": "786CDD50-7E18-4437-8DB9-2D0ADECD436E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*",
"matchCriteriaId": "B2CE8DAE-0E78-4004-983D-1ECD8855EC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*",
"matchCriteriaId": "7E51F433-1152-4E94-AF77-970230B1A574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1b:*:*:*:*:*:*",
"matchCriteriaId": "0064D104-E0D8-481A-9029-D3726A1A9CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1c:*:*:*:*:*:*",
"matchCriteriaId": "9B4D3F61-6CD9-411F-A205-EB06A57EBB4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*",
"matchCriteriaId": "F72A1E9C-F960-4E8C-A46C-B38209E6349E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*",
"matchCriteriaId": "2C33CE46-F529-4EA9-9344-6ED3BFA7019D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*",
"matchCriteriaId": "9F1D8161-0E02-45C9-BF61-14799AB65E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "1F2CB1FF-6118-4875-945D-07BAA3A21FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*",
"matchCriteriaId": "1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*",
"matchCriteriaId": "BDDC6510-3116-4578-80C8-8EF044A8370A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*",
"matchCriteriaId": "8678DB48-CB98-4E4C-ADE6-CABA73265FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*",
"matchCriteriaId": "DBD9A341-1FBF-4E04-848B-550DEB27261A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "4955663C-1BB6-4F3E-9D4B-362DF144B7F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*",
"matchCriteriaId": "CE0F8453-3D6C-4F1C-9167-3F02E3D905DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*",
"matchCriteriaId": "0EAD4045-A7F9-464F-ABB9-3782941162CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*",
"matchCriteriaId": "2F0A79C2-33AE-40C5-A853-770A4C691F29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3n:*:*:*:*:*:*",
"matchCriteriaId": "D8BB6CBC-11D6-40A4-ABAF-53AB9BED5A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*",
"matchCriteriaId": "5241C282-A02B-44B2-B6CA-BA3A99F9737C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*",
"matchCriteriaId": "04A60AC7-C2EA-4DBF-9743-54D708584AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*",
"matchCriteriaId": "8A91B0C4-F184-459E-AFD3-DE0E351CC964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*",
"matchCriteriaId": "23253631-2655-48A8-9B00-CB984232329C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*",
"matchCriteriaId": "50C2A9A8-0E66-4702-BCD4-74622108E7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*",
"matchCriteriaId": "EE4D3E2A-C32D-408F-B811-EF8BC86F0D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*",
"matchCriteriaId": "31CA7802-D78D-4BAD-A45A-68B601C010C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*",
"matchCriteriaId": "3B98981B-4721-4752-BAB4-361DB5AEB86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*",
"matchCriteriaId": "04487105-980A-4943-9360-4442BF0411E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*",
"matchCriteriaId": "24D24E06-EB3F-4F11-849B-E66757B01466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*",
"matchCriteriaId": "8AF12716-88E2-44B5-ACD7-BCBECA130FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*",
"matchCriteriaId": "3352212C-E820-47B3-BDF5-57018F5B9E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*",
"matchCriteriaId": "6436ADFD-6B94-4D2A-B09B-CED4EC6CA276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*",
"matchCriteriaId": "D06832CE-F946-469D-B495-6735F18D02A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3l:*:*:*:*:*:*",
"matchCriteriaId": "726AC46D-9EA8-4FE8-94B8-0562935458F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3m:*:*:*:*:*:*",
"matchCriteriaId": "0243D22F-1591-4A95-A7FE-2658CEE0C08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E65D7D-C5C1-4F9B-A470-2B1E34D2C429",
"versionEndExcluding": "3.10.2.1",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD049DD-5223-42EA-BCBF-DC86C2A90D41",
"versionEndExcluding": "4.2.1",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Server may perform actions allowed by the impacted plug-ins without authentication."
},
{
"lang": "es",
"value": "VSphere Client (HTML5) contiene una vulnerabilidad en un mecanismo de autenticaci\u00f3n de vSphere para los plugins Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager y VMware Cloud Director Availability.\u0026#xa0;Un actor malicioso con acceso de red al puerto 443 en vCenter Server puede llevar a cabo acciones permitidas por los plugins afectados sin autenticaci\u00f3n"
}
],
"id": "CVE-2021-21986",
"lastModified": "2024-11-21T05:49:22.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-26T15:15:07.973",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"
},
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-25 15:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in the Shader functionality. A malicious actor with non-administrative local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to crash the virtual machine's vmx process leading to a partial denial of service condition.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory | |
| security@vmware.com | https://www.zerodayinitiative.com/advisories/ZDI-20-782/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-20-782/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | fusion | * | |
| vmware | workstation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F22BFA96-7E07-4E05-90A4-45A2F2FC2064",
"versionEndExcluding": "3.10",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02A5A8AC-4C6C-4E95-B730-00783FB79DFF",
"versionEndExcluding": "4.0.1",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD44672-26F4-4B0F-933E-C929B32E3C9E",
"versionEndExcluding": "11.5.5",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEDE60F7-0DD8-43BD-9780-40058AFDB073",
"versionEndExcluding": "15.5.5",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "70F4DA98-C1D3-489E-958C-B466BEAD772B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in the Shader functionality. A malicious actor with non-administrative local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to crash the virtual machine\u0027s vmx process leading to a partial denial of service condition."
},
{
"lang": "es",
"value": "VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.0-1.20.16321839, versiones 6.7 anteriores a ESXi670-202004101-SG y versiones 6.5 anteriores a ESXi650-202005401-SG), Workstation (versiones 15.x anteriores a 15.5.5) y Fusion (versiones 11.x anteriores a 11.5. 5), contienen una vulnerabilidad de lectura fuera de l\u00edmites en la funcionalidad Shader. Un actor malicioso con acceso local no administrativo a una m\u00e1quina virtual con gr\u00e1ficos 3D habilitados puede ser capaz de explotar esta vulnerabilidad para bloquear el proceso vmx de la m\u00e1quina virtual conllevando a una condici\u00f3n de denegaci\u00f3n de servicio parcial"
}
],
"id": "CVE-2020-3970",
"lastModified": "2024-11-21T05:32:05.153",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-25T15:15:11.443",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-782/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-782/"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-13 18:15
Modified
2024-11-21 06:47
Severity ?
Summary
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html | ||
| security@vmware.com | http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html | ||
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0011.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0011.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | identity_manager | 3.3.3 | |
| vmware | identity_manager | 3.3.4 | |
| vmware | identity_manager | 3.3.5 | |
| vmware | identity_manager | 3.3.6 | |
| vmware | vrealize_automation | * | |
| vmware | vrealize_automation | 7.6 | |
| vmware | vrealize_suite_lifecycle_manager | * | |
| vmware | workspace_one_access | 20.10.0.0 | |
| vmware | workspace_one_access | 20.10.0.1 | |
| vmware | workspace_one_access | 21.08.0.0 | |
| vmware | workspace_one_access | 21.08.0.1 | |
| linux | linux_kernel | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97D98937-489B-4AA5-B99E-9AB639C582CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0E93CB5E-CB4A-474A-9901-2E098928C489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A215A7D-F644-41DE-AB4E-69145DA48F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBB8190-2101-4EE5-844E-B46E7FB78FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "370EF5F6-77E2-4EF7-9148-9DA5C52E50F5",
"versionEndExcluding": "9.0",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_automation:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "471BB5AF-3744-45FE-937D-BBEC421035EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC19367B-D2F8-4966-BE2F-12700C9337EC",
"versionEndExcluding": "9.0",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "639F6029-DE62-49BD-A767-C5D499389C37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88AD029C-7707-4F1E-BE7F-2DE27D384538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57375AD7-8042-472F-B49E-653C77EAFA48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC3DC465-1FA7-4F5B-9A9A-12F8FB4CE146",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 \u0026 CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution."
},
{
"lang": "es",
"value": "VMware Workspace ONE Access, Identity Manager y vRealize Automation contienen dos vulnerabilidades de ejecuci\u00f3n de c\u00f3digo remota (CVE-2022-22957 y CVE-2022-22958). Un actor malicioso con acceso administrativo puede desencadenar la deserializaci\u00f3n de datos no confiables mediante un URI JDBC malicioso que puede resultar en una ejecuci\u00f3n de c\u00f3digo remota"
}
],
"id": "CVE-2022-22957",
"lastModified": "2024-11-21T06:47:41.020",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-13T18:15:13.087",
"references": [
{
"source": "security@vmware.com",
"url": "http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html"
},
{
"source": "security@vmware.com",
"url": "http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html"
},
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-03-04 12:15
Modified
2025-03-05 16:18
Severity ?
9.3 (Critical) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | cloud_foundation | - | |
| vmware | telco_cloud_infrastructure | 2.2 | |
| vmware | telco_cloud_infrastructure | 2.5 | |
| vmware | telco_cloud_infrastructure | 2.7 | |
| vmware | telco_cloud_infrastructure | 3.0 | |
| vmware | telco_cloud_platform | 2.0 | |
| vmware | telco_cloud_platform | 2.5 | |
| vmware | telco_cloud_platform | 2.7 | |
| vmware | telco_cloud_platform | 3.0 | |
| vmware | telco_cloud_platform | 4.0 | |
| vmware | telco_cloud_platform | 4.0.1 | |
| vmware | telco_cloud_platform | 5.0 | |
| vmware | workstation | * |
{
"cisaActionDue": "2025-03-25",
"cisaExploitAdd": "2025-03-04",
"cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "VMware ESXi and Workstation TOCTOU Race Condition Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1e:*:*:*:*:*:*",
"matchCriteriaId": "2E6DE184-35C8-4A13-91D4-4B43E9F0168C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:*",
"matchCriteriaId": "39817170-5C45-4F8A-916D-81B7352055DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "4ADC3CFF-7415-46A5-817A-2F053B261E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
"matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*",
"matchCriteriaId": "C77771B2-BC64-47A5-B6DB-9CBCC4456B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3f:*:*:*:*:*:*",
"matchCriteriaId": "86DE9CE6-F6C0-47D2-B3AB-34852A8B9603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3g:*:*:*:*:*:*",
"matchCriteriaId": "E75B2F03-702E-4359-9BB2-E234F1DC38C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3i:*:*:*:*:*:*",
"matchCriteriaId": "ACAA9494-5248-4B01-8BC1-C38AB615FFD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3j:*:*:*:*:*:*",
"matchCriteriaId": "BF12014B-BF2B-42EF-B70C-59CDA8E2176F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3k:*:*:*:*:*:*",
"matchCriteriaId": "F965D853-EE4A-41F5-840B-2D009ACC9754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3l:*:*:*:*:*:*",
"matchCriteriaId": "BA7B7313-FF53-43C9-AF4D-B639053D3FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3m:*:*:*:*:*:*",
"matchCriteriaId": "9FB5738F-27E4-42C6-BD1B-F7F66A7EF0A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3n:*:*:*:*:*:*",
"matchCriteriaId": "FC3668A6-262B-42BF-9E90-28BAA9BB3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3o:*:*:*:*:*:*",
"matchCriteriaId": "DA4E9185-44BA-41E6-8600-C8616E199334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3p:*:*:*:*:*:*",
"matchCriteriaId": "F50302BB-B950-4178-A109-358393E0A50A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3q:*:*:*:*:*:*",
"matchCriteriaId": "BCCA4A31-1291-4FB4-9FA5-D2CCD086D660",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3r:*:*:*:*:*:*",
"matchCriteriaId": "78604FE5-510F-4979-B2E3-D36B3083224A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "7A1A402A-9262-4B97-A0B7-E5AE045E394D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "FE44B379-9943-4DD1-8514-26F87482AFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "2A797377-8945-4D75-AA68-A768855E5842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "79D84D76-54BE-49E9-905C-7D65B4B42D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2F8767F7-7C3D-457D-9EAC-E8A30796F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "29AF8474-2D7A-4C5A-82B9-7A873AD90C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "7781A2CA-D927-48CD-9932-AE42B7BA1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "18FD08C9-5895-4BF4-BBE0-C2DDA5F6B836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "360C1B71-5360-4379-B0DE-63BB8F5E6DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2b:*:*:*:*:*:*",
"matchCriteriaId": "B16ED7C1-9881-452A-8BE0-EDDEAEFE3D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "ED92209F-FBD6-43F9-9A15-3842B139FCC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "6B701151-1B57-4E2D-A9AB-586FACEA2385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_3b:*:*:*:*:*:*",
"matchCriteriaId": "4230B9AA-9E0C-4AE2-814D-8DD641394879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "F2FA150B-93E4-44D2-BF6D-347085A95776",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31A7BB38-3238-413E-9736-F1A165D40867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E46A694-8698-4283-9E25-01F222B63E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "59B9476F-E5E7-46B6-AC38-4630D0933462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9A045567-2563-4539-8E95-361087CB7762",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_infrastructure:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D11103A7-6AB5-4E78-BE11-BC2A04A09F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C5F01D7-2675-4D09-B52B-B02D0EF52AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F8D61F-6E8B-4EE3-91DE-EBA6FF7D289E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B1E94D58-26A0-4E84-8CAD-F8CDB6707642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC33D39A-5760-467E-8284-F4E5D8082BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "448206AA-A023-4AA1-98FD-35BC2A2AB2B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F6E30F8-B977-40A5-9E45-89B5C5E59170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6B84F65-2E52-4445-8F97-2729B84B18E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3124246D-3287-4657-B40D-E7B80A44E7D7",
"versionEndExcluding": "17.6.3",
"versionStartIncluding": "17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi, and Workstation\u00a0contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write.\u00a0A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host."
},
{
"lang": "es",
"value": "VMware ESXi y Workstation contienen una vulnerabilidad TOCTOU (Time-of-Check Time-of-Use) que provoca una escritura fuera de los l\u00edmites. Un actor malintencionado con privilegios administrativos locales en una m\u00e1quina virtual puede aprovechar este problema para ejecutar c\u00f3digo como el proceso VMX de la m\u00e1quina virtual que se ejecuta en el host."
}
],
"id": "CVE-2025-22224",
"lastModified": "2025-03-05T16:18:36.103",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 6.0,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-03-04T12:15:33.687",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-26 12:15
Modified
2025-05-14 16:36
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_operations | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_operations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E1C524-50BF-4B3E-9385-935660A1CC14",
"versionEndExcluding": "8.18.2",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8A0BB4-A21B-4914-8F4B-37D300A4BBB9",
"versionEndIncluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains a stored cross-site scripting vulnerability.\u00a0A malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations."
},
{
"lang": "es",
"value": "VMware Aria Operations contiene una vulnerabilidad de cross-site scripting almacenado. Un actor malintencionado con acceso de edici\u00f3n al proveedor de la nube podr\u00eda inyectar secuencias de comandos maliciosas que provoquen cross-site scripting almacenado en el producto VMware Aria Operations."
}
],
"id": "CVE-2024-38834",
"lastModified": "2025-05-14T16:36:45.747",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 4.7,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-11-26T12:15:18.900",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25199"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-14 19:15
Modified
2025-04-22 16:15
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | access | 21.08.0.0 | |
| vmware | access | 21.08.0.1 | |
| vmware | cloud_foundation | - | |
| vmware | identity_manager | 3.3.6 | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:access:21.08.0.0:*:*:*:*:linux:*:*",
"matchCriteriaId": "58F8802F-BE7F-4908-BD92-2576238798D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:access:21.08.0.1:*:*:*:*:linux:*:*",
"matchCriteriaId": "B7145A8C-7716-4839-8707-05765687447B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31A7BB38-3238-413E-9736-F1A165D40867",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBB8190-2101-4EE5-844E-B46E7FB78FD7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2."
},
{
"lang": "es",
"value": "VMware Workspace ONE Access and Identity Manager contiene una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo autenticado. VMware ha evaluado la gravedad de este problema en el rango de gravedad Importante con una puntuaci\u00f3n base CVSSv3 m\u00e1xima de 7.2."
}
],
"id": "CVE-2022-31700",
"lastModified": "2025-04-22T16:15:29.917",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-12-14T19:15:12.860",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0032.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-30 18:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0018.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0018.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | vrealize_operations_manager | * | |
| vmware | vrealize_operations_manager | 7.5.0 | |
| vmware | vrealize_suite_lifecycle_manager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE39D06C-8AF4-4978-BCFD-80FB0A36C93A",
"versionEndIncluding": "3.10.2.1",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6A3FA17-BA09-499D-BAC7-053B380DF443",
"versionEndIncluding": "4.2.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B12F2BE9-8DA7-4BF0-85C0-0B5D6C4532A8",
"versionEndExcluding": "8.5.0",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC6471F-2FB5-4C7A-9B5D-0B08A8E2C08C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4767C7D-8165-43A6-8F16-12F8EE65FDFB",
"versionEndIncluding": "8.2",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information disclosure."
},
{
"lang": "es",
"value": "La API de vRealize Operations Manager (versiones 8.x anteriores a 8.5) contiene una vulnerabilidad de tipo Server Side Request Forgery en un endpoint. Un actor malicioso no autenticado con acceso a la red de la API de vRealize Operations Manager puede realizar un ataque de tipo Server Side Request Forgery, conllevando a una divulgaci\u00f3n de informaci\u00f3n."
}
],
"id": "CVE-2021-22026",
"lastModified": "2024-11-21T05:49:27.857",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-30T18:15:08.417",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-05-20 21:15
Modified
2024-11-21 06:47
Severity ?
Summary
VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to 'root'.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | identity_manager | 3.3.3 | |
| vmware | identity_manager | 3.3.4 | |
| vmware | identity_manager | 3.3.5 | |
| vmware | identity_manager | 3.3.6 | |
| vmware | workspace_one_access | 20.10.0.0 | |
| vmware | workspace_one_access | 20.10.0.1 | |
| vmware | workspace_one_access | 21.08.0.0 | |
| vmware | workspace_one_access | 21.08.0.1 | |
| linux | linux_kernel | - | |
| vmware | cloud_foundation | 4.0 | |
| vmware | cloud_foundation | 4.0.1 | |
| vmware | cloud_foundation | 4.1 | |
| vmware | cloud_foundation | 4.1.0.1 | |
| vmware | cloud_foundation | 4.2 | |
| vmware | cloud_foundation | 4.2.1 | |
| vmware | cloud_foundation | 4.3 | |
| vmware | cloud_foundation | 4.3.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.0 | |
| vmware | vrealize_suite_lifecycle_manager | 8.0.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.2 | |
| vmware | vrealize_suite_lifecycle_manager | 8.2 | |
| vmware | vrealize_suite_lifecycle_manager | 8.2 | |
| vmware | vrealize_suite_lifecycle_manager | 8.2 | |
| vmware | vrealize_suite_lifecycle_manager | 8.3 | |
| vmware | vrealize_suite_lifecycle_manager | 8.3 | |
| vmware | vrealize_suite_lifecycle_manager | 8.3 | |
| vmware | vrealize_suite_lifecycle_manager | 8.3 | |
| vmware | vrealize_suite_lifecycle_manager | 8.4 | |
| vmware | vrealize_suite_lifecycle_manager | 8.4 | |
| vmware | vrealize_suite_lifecycle_manager | 8.4.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.4.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.4.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.4.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.6 | |
| vmware | vrealize_suite_lifecycle_manager | 8.6 | |
| vmware | vrealize_suite_lifecycle_manager | 8.6.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.6.2 | |
| vmware | vrealize_suite_lifecycle_manager | 8.7 | |
| vmware | vrealize_suite_lifecycle_manager | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97D98937-489B-4AA5-B99E-9AB639C582CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0E93CB5E-CB4A-474A-9901-2E098928C489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A215A7D-F644-41DE-AB4E-69145DA48F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBB8190-2101-4EE5-844E-B46E7FB78FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "639F6029-DE62-49BD-A767-C5D499389C37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88AD029C-7707-4F1E-BE7F-2DE27D384538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57375AD7-8042-472F-B49E-653C77EAFA48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC3DC465-1FA7-4F5B-9A9A-12F8FB4CE146",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA79AC0-A0CC-4EE6-AEF5-9B8C8EA2C9F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38EB0C0C-56CF-4A8F-A36F-E0E180B9059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A54544F5-5929-4609-A91C-FCA0FDBFE862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA6D6348-E71A-4DA4-AC84-51397B2461A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8EC0B43-8667-45D6-BF97-03DDFFAD2AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E841E8EF-9500-4937-BAC4-8AB76C96A3EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4C5700-1AFE-49F6-AC92-09F2349345ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B23891F3-08B7-480B-9B83-81381E33212F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC07793-6DB1-4ACD-976D-A370FFAE505A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3318D91-40AC-4649-8FCD-4557C8F934B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A06C29AB-1EAF-43EF-96C3-9E3468911B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43723EC2-295E-4AF7-B654-70F9E42F4807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB84C30-EE5D-4C15-A74E-7B2B3E0DED4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:patch1:*:*:*:*:*:*",
"matchCriteriaId": "FD4A0BCE-E22E-419E-9CC0-7D535CC49E02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:patch2:*:*:*:*:*:*",
"matchCriteriaId": "80868C66-E615-47E3-BA67-152FE833A10B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:patch3:*:*:*:*:*:*",
"matchCriteriaId": "7DF3AFD0-1DDD-4F9D-BD33-85978CF101ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E80F36FA-EE84-47BE-95EB-17B49FBCC86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.3:patch1:*:*:*:*:*:*",
"matchCriteriaId": "85854D70-E8A1-4AD9-872B-8D9BEEB7FAFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.3:patch2:*:*:*:*:*:*",
"matchCriteriaId": "9CF575E5-0FB4-4EC6-AE02-0565A976B98B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.3:patch3:*:*:*:*:*:*",
"matchCriteriaId": "A99C818B-7215-4422-87C4-D500F6931442",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3617E4AC-630F-4AF2-855A-872AD2ECC3A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4:patch1:*:*:*:*:*:*",
"matchCriteriaId": "969F3DA5-A0C3-4F30-B786-46BCC280D6D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B8D22C-1C36-4125-9C58-1C2472EF64F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "356479A9-C5F9-4714-A29A-464FE738F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4.1:patch2:*:*:*:*:*:*",
"matchCriteriaId": "95D8DEAC-50BF-4B1B-B3EC-E9D54EEC0755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.4.1:patch3:*:*:*:*:*:*",
"matchCriteriaId": "B16A6A96-C904-416F-A4D3-FB22CAC07610",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "73825FF7-AFD1-4948-ABB7-0E73D4AC72C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.6:patch1:*:*:*:*:*:*",
"matchCriteriaId": "3BAC746E-7897-4ED0-8120-2953A5CECF1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A07377B1-9536-4EDE-AA25-FAD474855711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D0DF26D0-EBCD-4E35-9218-74B56DCB7A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F065F309-E25C-4CB2-85DD-98ED3648B069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1E88B150-4BB0-40FC-9333-737C97BADE09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A malicious actor with local access can escalate privileges to \u0027root\u0027."
},
{
"lang": "es",
"value": "VMware Workspace ONE Access y Identity Manager contienen una vulnerabilidad de escalada de privilegios. Un actor malicioso con acceso local puede escalar los privilegios a \"root\""
}
],
"id": "CVE-2022-22973",
"lastModified": "2024-11-21T06:47:43.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-05-20T21:15:09.893",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0014.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-25 15:15
Modified
2025-06-27 13:39
Severity ?
Summary
The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may create a denial-of-service condition.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8DFE6-9C74-4711-A8AF-3B170876A1F9",
"versionEndExcluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "188E103E-9568-4CE0-A984-141B2A9E82D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*",
"matchCriteriaId": "B266439F-E911-4C95-9D27-88DF96DDCCD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "6508A908-EF14-4A72-AC75-5DA6F8B98A0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*",
"matchCriteriaId": "3BAD2012-5C82-4EA9-A780-9BF1DA5A18AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*",
"matchCriteriaId": "58597F18-0B23-4D21-9ABA-D9773958F10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*",
"matchCriteriaId": "ADF46C54-313B-4742-A074-EEA0A6554680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*",
"matchCriteriaId": "9587F800-57BC-44B6-870E-95691684FC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:*",
"matchCriteriaId": "AD148A75-5076-416D-AFD6-0F281DA0A82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:*",
"matchCriteriaId": "956CEA8C-F8C4-41BD-85B4-44FE3A772E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:*",
"matchCriteriaId": "008AEA0F-116B-4AF8-B3A7-3041CCE25235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3i:*:*:*:*:*:*",
"matchCriteriaId": "EE486B2F-AED4-4FCE-A674-DFC25844FEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3j:*:*:*:*:*:*",
"matchCriteriaId": "4F73AA9E-51E9-4FA0-813D-AD05FDC3EF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3k:*:*:*:*:*:*",
"matchCriteriaId": "455DD46E-A071-476D-8914-767485E45F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3l:*:*:*:*:*:*",
"matchCriteriaId": "3A422D04-48DF-4A16-94F8-D5702CC2782D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3m:*:*:*:*:*:*",
"matchCriteriaId": "806E9219-CDF4-4E62-978E-334E96A94BA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3n:*:*:*:*:*:*",
"matchCriteriaId": "34D8B182-4E71-4655-8DD8-743A3EF6DC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3o:*:*:*:*:*:*",
"matchCriteriaId": "8D8F6CC7-6B6D-4079-9E2C-A85C4616FF92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3p:*:*:*:*:*:*",
"matchCriteriaId": "A814F0AB-4AEB-4139-976F-425A4A9EC67B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CC974CA1-88D3-42E4-BF1F-28870F8171B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "EFE63984-F69B-4593-9AEC-D179D6D98B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "34D1F3B3-8E3F-4E4D-8EE6-2F593663B5CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "16F3D992-9F48-4604-9AAF-DC2D1CE98BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "C745A7E6-4760-48CD-B7C4-1C2C20217F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "A5522514-8ED9-45DB-9036-33FE40D77E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1b:*:*:*:*:*:*",
"matchCriteriaId": "8C27C660-E917-4944-8B4C-41D9622B76D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "56CFB469-B3E6-4503-A47C-D18206D4D19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "67024A43-9E13-4F4E-B711-731792DA3840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1e:*:*:*:*:*:*",
"matchCriteriaId": "1188E9D6-53AD-40D0-8146-3728D071008D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "604F559F-1775-4F29-996E-9079B99345B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "61DC9400-5AEE-49AC-9925-0A96E32BD8C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "98C1B77E-AB0E-4E8A-8294-2D3D230CDF9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "8EC8BEF1-7908-46C0-841A-834778D1A863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2d:*:*:*:*:*:*",
"matchCriteriaId": "89D5A7F9-3183-4EE7-828C-13BB9169E199",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a denial-of-service vulnerability.\u00a0A malicious actor with network access to vCenter Server may create a denial-of-service condition."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de denegaci\u00f3n de servicio. Un actor malintencionado con acceso a la red de vCenter Server puede crear una condici\u00f3n de denegaci\u00f3n de servicio."
}
],
"id": "CVE-2024-37087",
"lastModified": "2025-06-27T13:39:54.843",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "security@vmware.com",
"type": "Secondary"
}
]
},
"published": "2024-06-25T15:15:12.767",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 12:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter Server.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter Server."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo autenticado en VAMI (Virtual Appliance Management Infrastructure). Un usuario autenticado de VAMI con acceso de red al puerto 5480 en vCenter Server puede explotar este problema para ejecutar c\u00f3digo en el sistema operativo subyacente que aloja vCenter Server"
}
],
"id": "CVE-2021-22014",
"lastModified": "2024-11-21T05:49:26.483",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T12:15:08.130",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-20 17:15
Modified
2024-11-21 05:32
Severity ?
Summary
In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigger a memory leak issue resulting in memory resource exhaustion on the hypervisor if the attack is sustained for extended periods of time.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0023.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0023.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | cloud_foundation | * | |
| vmware | workstation | * | |
| vmware | fusion | * | |
| apple | mac_os_x | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201-ug:*:*:*:*:*:*",
"matchCriteriaId": "7264CDC9-FB2D-45A9-9307-C197B1052477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202-ug:*:*:*:*:*:*",
"matchCriteriaId": "D0538570-759A-441A-BC37-556642C090F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203-ug:*:*:*:*:*:*",
"matchCriteriaId": "9CF906E5-A846-49BA-925B-C6059FD02BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204-ug:*:*:*:*:*:*",
"matchCriteriaId": "7D3D0230-53D4-469F-AD46-74F057F6F9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205-ug:*:*:*:*:*:*",
"matchCriteriaId": "8D8E89CE-C919-4CDF-98BE-BA9A126B36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206-ug:*:*:*:*:*:*",
"matchCriteriaId": "73DA1453-4756-4C16-9640-B3B0C6F617DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207-ug:*:*:*:*:*:*",
"matchCriteriaId": "589EE886-6927-4AEA-903C-155C23B1747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BDDFA27-0D99-4D98-B00F-5D038488BAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209-ug:*:*:*:*:*:*",
"matchCriteriaId": "3F931502-8460-4373-92D7-CFD817F4A062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210-ug:*:*:*:*:*:*",
"matchCriteriaId": "287D4E48-4890-46C2-8B9B-1CE484C9D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211-ug:*:*:*:*:*:*",
"matchCriteriaId": "A916EB29-ADE4-4D65-BF8E-98B44E466AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212-ug:*:*:*:*:*:*",
"matchCriteriaId": "BC024B88-DEDD-49E5-B668-5B00C212B6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213-ug:*:*:*:*:*:*",
"matchCriteriaId": "DB9F131B-46BE-44F8-904B-FD0839926B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214-ug:*:*:*:*:*:*",
"matchCriteriaId": "BA2195E5-3BAD-4E90-BE40-A59C0A6A9EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215-ug:*:*:*:*:*:*",
"matchCriteriaId": "1503D3D9-E1A7-41F9-B26D-0AED8ABE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216-ug:*:*:*:*:*:*",
"matchCriteriaId": "7BD28EE0-808D-4A76-B707-F163527608C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217-ug:*:*:*:*:*:*",
"matchCriteriaId": "79225541-575F-44FC-8ED6-24BA6A4128EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218-ug:*:*:*:*:*:*",
"matchCriteriaId": "8A4A62CD-A46B-4612-9DC8-7744E6D5EA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219-ug:*:*:*:*:*:*",
"matchCriteriaId": "D526CE1D-ED76-44EB-9377-53EF7556E254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220-ug:*:*:*:*:*:*",
"matchCriteriaId": "D7E92A1C-40EB-441B-A634-42609527210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221-ug:*:*:*:*:*:*",
"matchCriteriaId": "111A10BE-FC5A-4272-9719-1DED62694A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222-ug:*:*:*:*:*:*",
"matchCriteriaId": "FC65FCFC-CD55-401A-8986-A1DBF544D228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223-ug:*:*:*:*:*:*",
"matchCriteriaId": "EEBD3AEC-284C-44E1-A4CD-010787114737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224-ug:*:*:*:*:*:*",
"matchCriteriaId": "42F87C20-5A00-43C9-A445-50AD716233D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225-ug:*:*:*:*:*:*",
"matchCriteriaId": "C1412AFC-CBE8-4151-B01D-785F11ACAB85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226-ug:*:*:*:*:*:*",
"matchCriteriaId": "6431DD1F-2269-4AFB-B486-9B6373F41C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BA5D0CB-E5B0-4C95-91A7-C662BAE01483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228-ug:*:*:*:*:*:*",
"matchCriteriaId": "A86BDAB4-3924-45A8-9130-517DEA184FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229-ug:*:*:*:*:*:*",
"matchCriteriaId": "A6EAE07B-2849-4E3B-B8D0-F68E6440A9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:2:*:*:*:*:*:*",
"matchCriteriaId": "60405BAB-A6C6-4AD8-A5D2-EAD114FE931F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "102115DE-F589-4153-9597-160D82FBAFC7",
"versionEndExcluding": "3.9",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E2A748C-18BC-4EA0-B599-CFAE4E36B00B",
"versionEndExcluding": "15.1.0",
"versionStartIncluding": "15.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2EE7A5C1-9A67-410D-9A04-FAEFA1D1DB1B",
"versionEndExcluding": "11.1.0",
"versionStartIncluding": "11.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigger a memory leak issue resulting in memory resource exhaustion on the hypervisor if the attack is sustained for extended periods of time."
},
{
"lang": "es",
"value": "En VMware ESXi (versiones 6.7 anteriores a ESXi670-201908101-SG, versiones 6.5 anteriores a ESXi650-202007101-SG), Workstation (versiones 15.x anteriores a 15.1.0), Fusion (versiones 11.x anteriores a 11.1.0), los controladores del host VMCI utilizados por los hipervisores de VMware contienen una vulnerabilidad de filtrado de memoria.\u0026#xa0;Un actor malicioso con acceso a una m\u00e1quina virtual puede desencadenar un problema de filtrado de memoria que resulte en el agotamiento de los recursos de memoria en el hipervisor si el ataque se mantiene durante per\u00edodos prolongados"
}
],
"id": "CVE-2020-3995",
"lastModified": "2024-11-21T05:32:07.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-20T17:15:13.043",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 13:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de tipo cross-site scripting vulnerability reflejado debido a una falta de saneo de entrada. Un atacante puede explotar este problema para ejecutar scripts maliciosos al enga\u00f1ar a la v\u00edctima para que haga clic en un enlace malicioso"
}
],
"id": "CVE-2021-22016",
"lastModified": "2024-11-21T05:49:26.707",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T13:15:08.150",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-13 18:15
Modified
2024-11-21 06:47
Severity ?
Summary
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting victims.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0011.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0011.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | identity_manager | 3.3.3 | |
| vmware | identity_manager | 3.3.4 | |
| vmware | identity_manager | 3.3.5 | |
| vmware | identity_manager | 3.3.6 | |
| vmware | vrealize_automation | * | |
| vmware | vrealize_automation | 7.6 | |
| vmware | vrealize_suite_lifecycle_manager | * | |
| vmware | workspace_one_access | 20.10.0.0 | |
| vmware | workspace_one_access | 20.10.0.1 | |
| vmware | workspace_one_access | 21.08.0.0 | |
| vmware | workspace_one_access | 21.08.0.1 | |
| linux | linux_kernel | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97D98937-489B-4AA5-B99E-9AB639C582CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0E93CB5E-CB4A-474A-9901-2E098928C489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A215A7D-F644-41DE-AB4E-69145DA48F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBB8190-2101-4EE5-844E-B46E7FB78FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "370EF5F6-77E2-4EF7-9148-9DA5C52E50F5",
"versionEndExcluding": "9.0",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_automation:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "471BB5AF-3744-45FE-937D-BBEC421035EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC19367B-D2F8-4966-BE2F-12700C9337EC",
"versionEndExcluding": "9.0",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "639F6029-DE62-49BD-A767-C5D499389C37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88AD029C-7707-4F1E-BE7F-2DE27D384538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57375AD7-8042-472F-B49E-653C77EAFA48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC3DC465-1FA7-4F5B-9A9A-12F8FB4CE146",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting victims."
},
{
"lang": "es",
"value": "VMware Workspace ONE Access, Identity Manager y vRealize Automation contienen una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n debido a una devoluci\u00f3n de informaci\u00f3n excesiva. Un actor malicioso con acceso remoto puede filtrar el nombre de host del sistema de destino. Una explotaci\u00f3n con \u00e9xito de este problema puede conllevar a una selecci\u00f3n de v\u00edctimas"
}
],
"id": "CVE-2022-22961",
"lastModified": "2024-11-21T06:47:41.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-13T18:15:13.667",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-30 16:15
Modified
2025-05-14 16:46
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
9.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
9.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Summary
VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability. A malicious actor with non-administrative privileges may be able to inject a malicious script that (can perform stored cross-site scripting) may lead to arbitrary operations as admin user.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_operations_for_logs | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7883672C-8E78-4378-9EAB-42A656006A72",
"versionEndExcluding": "8.18.3",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8A0BB4-A21B-4914-8F4B-37D300A4BBB9",
"versionEndIncluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability.\u00a0A malicious actor with non-administrative privileges may be able to inject a malicious script that (can perform stored cross-site scripting) may lead to arbitrary operations as admin\u00a0user."
},
{
"lang": "es",
"value": "VMware Aria Operations for Logs contiene una vulnerabilidad Cross-Site Scripting Almacenado. Un actor malintencionado con privilegios no administrativos podr\u00eda inyectar un script malicioso que pueda realizar operaciones Cross-Site Scripting Almacenado como usuario administrador."
}
],
"id": "CVE-2025-22219",
"lastModified": "2025-05-14T16:46:17.393",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-30T16:15:31.013",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25329"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 13:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "127DEE95-0B04-4A98-B96A-15CC253C7357",
"versionEndExcluding": "3.10.2.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "722CF000-C0A1-4704-BDC6-3446D1530F3B",
"versionEndExcluding": "4.3",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an attacker to create a denial-of-service condition on vCenter Server."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de denegaci\u00f3n de servicio en el servicio Analytics. Una explotaci\u00f3n con \u00e9xito de este problema puede permitir a un atacante crear una condici\u00f3n de denegaci\u00f3n de servicio en vCenter Server"
}
],
"id": "CVE-2021-22020",
"lastModified": "2024-11-21T05:49:27.160",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T13:15:08.357",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-07-13 19:15
Modified
2024-11-21 06:47
Severity ?
Summary
The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0018.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0018.html | Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5BAF38C-348A-46F6-A1D4-1625D68EDD5A",
"versionEndIncluding": "3.11",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "326A2867-797D-4AA9-8D2C-43E8CDA0BCFC",
"versionEndIncluding": "4.3.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*",
"matchCriteriaId": "CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*",
"matchCriteriaId": "1DD16169-A7DF-4604-888C-156A60018E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*",
"matchCriteriaId": "46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*",
"matchCriteriaId": "D26534EB-327B-4ED6-A3E1-005552CB1F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*",
"matchCriteriaId": "786CDD50-7E18-4437-8DB9-2D0ADECD436E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*",
"matchCriteriaId": "B2CE8DAE-0E78-4004-983D-1ECD8855EC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*",
"matchCriteriaId": "7E51F433-1152-4E94-AF77-970230B1A574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1b:*:*:*:*:*:*",
"matchCriteriaId": "0064D104-E0D8-481A-9029-D3726A1A9CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1c:*:*:*:*:*:*",
"matchCriteriaId": "9B4D3F61-6CD9-411F-A205-EB06A57EBB4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*",
"matchCriteriaId": "F72A1E9C-F960-4E8C-A46C-B38209E6349E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*",
"matchCriteriaId": "2C33CE46-F529-4EA9-9344-6ED3BFA7019D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*",
"matchCriteriaId": "9F1D8161-0E02-45C9-BF61-14799AB65E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "1F2CB1FF-6118-4875-945D-07BAA3A21FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*",
"matchCriteriaId": "1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*",
"matchCriteriaId": "BDDC6510-3116-4578-80C8-8EF044A8370A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*",
"matchCriteriaId": "8678DB48-CB98-4E4C-ADE6-CABA73265FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*",
"matchCriteriaId": "DBD9A341-1FBF-4E04-848B-550DEB27261A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "4955663C-1BB6-4F3E-9D4B-362DF144B7F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*",
"matchCriteriaId": "CE0F8453-3D6C-4F1C-9167-3F02E3D905DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*",
"matchCriteriaId": "0EAD4045-A7F9-464F-ABB9-3782941162CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*",
"matchCriteriaId": "2F0A79C2-33AE-40C5-A853-770A4C691F29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3n:*:*:*:*:*:*",
"matchCriteriaId": "D8BB6CBC-11D6-40A4-ABAF-53AB9BED5A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3p:*:*:*:*:*:*",
"matchCriteriaId": "26A3EC15-8C04-49AD-9045-4D9FADBD50CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3q:*:*:*:*:*:*",
"matchCriteriaId": "AF7E87BB-1B5B-4F13-A70C-B3C6716E7919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3r:*:*:*:*:*:*",
"matchCriteriaId": "70A9244F-2C9C-4D7D-B384-08DDF95770DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3s:*:*:*:*:*:*",
"matchCriteriaId": "2CBEA4F8-CBA3-4C71-96B3-47489F0D299C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*",
"matchCriteriaId": "5241C282-A02B-44B2-B6CA-BA3A99F9737C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*",
"matchCriteriaId": "04A60AC7-C2EA-4DBF-9743-54D708584AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*",
"matchCriteriaId": "8A91B0C4-F184-459E-AFD3-DE0E351CC964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*",
"matchCriteriaId": "23253631-2655-48A8-9B00-CB984232329C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*",
"matchCriteriaId": "50C2A9A8-0E66-4702-BCD4-74622108E7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*",
"matchCriteriaId": "EE4D3E2A-C32D-408F-B811-EF8BC86F0D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*",
"matchCriteriaId": "31CA7802-D78D-4BAD-A45A-68B601C010C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*",
"matchCriteriaId": "3B98981B-4721-4752-BAB4-361DB5AEB86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*",
"matchCriteriaId": "04487105-980A-4943-9360-4442BF0411E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*",
"matchCriteriaId": "24D24E06-EB3F-4F11-849B-E66757B01466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*",
"matchCriteriaId": "8AF12716-88E2-44B5-ACD7-BCBECA130FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*",
"matchCriteriaId": "3352212C-E820-47B3-BDF5-57018F5B9E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*",
"matchCriteriaId": "6436ADFD-6B94-4D2A-B09B-CED4EC6CA276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*",
"matchCriteriaId": "D06832CE-F946-469D-B495-6735F18D02A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3l:*:*:*:*:*:*",
"matchCriteriaId": "726AC46D-9EA8-4FE8-94B8-0562935458F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3m:*:*:*:*:*:*",
"matchCriteriaId": "0243D22F-1591-4A95-A7FE-2658CEE0C08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3n:*:*:*:*:*:*",
"matchCriteriaId": "02AE5983-CD14-4EAF-9F5C-1281E3DE7F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3o:*:*:*:*:*:*",
"matchCriteriaId": "EFDDF4CA-1C20-430E-A17C-CC2998F8BDDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3p:*:*:*:*:*:*",
"matchCriteriaId": "7D2B0FBA-8E4A-491E-8E22-AAD7DBB5FF5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3q:*:*:*:*:*:*",
"matchCriteriaId": "126B4E78-DCE3-4375-80C9-3679F9BF107C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "188E103E-9568-4CE0-A984-141B2A9E82D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*",
"matchCriteriaId": "B266439F-E911-4C95-9D27-88DF96DDCCD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "6508A908-EF14-4A72-AC75-5DA6F8B98A0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*",
"matchCriteriaId": "3BAD2012-5C82-4EA9-A780-9BF1DA5A18AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*",
"matchCriteriaId": "58597F18-0B23-4D21-9ABA-D9773958F10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*",
"matchCriteriaId": "ADF46C54-313B-4742-A074-EEA0A6554680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*",
"matchCriteriaId": "9587F800-57BC-44B6-870E-95691684FC46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service."
},
{
"lang": "es",
"value": "El servidor vCenter contiene una vulnerabilidad de tipo server-side request forgery (SSRF). Un actor malicioso con acceso de red a 443 en el vCenter Server puede explotar este problema al acceder a una petici\u00f3n de URL fuera del vCenter Server o accediendo a un servicio interno"
}
],
"id": "CVE-2022-22982",
"lastModified": "2024-11-21T06:47:44.170",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-07-13T19:15:09.607",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0018.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 12:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by sending a specially crafted json-rpc message to gain access to sensitive information.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by sending a specially crafted json-rpc message to gain access to sensitive information."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en el servicio VAPI (vCenter API). Un actor malicioso con acceso de red al puerto 443 en vCenter Server puede explotar este problema mediante el env\u00edo de un mensaje json-rpc especialmente dise\u00f1ado para conseguir acceso a informaci\u00f3n confidencial"
}
],
"id": "CVE-2021-22008",
"lastModified": "2024-11-21T05:49:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T12:15:07.847",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-30 19:15
Modified
2024-11-21 05:49
Severity ?
Summary
VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation. An attacker with user privileges may be able to inject a malicious payload via the Log Insight UI which would be executed when the victim accesses the shared dashboard link.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0019.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0019.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vrealize_log_insight | * | |
| vmware | vrealize_log_insight | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "722CF000-C0A1-4704-BDC6-3446D1530F3B",
"versionEndExcluding": "4.3",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_log_insight:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F651BAC0-AA2B-4448-95AB-B37815BC2F1A",
"versionEndIncluding": "4.8",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_log_insight:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6583A319-9261-4891-92AE-A0F429FF0A0D",
"versionEndExcluding": "8.4",
"versionStartIncluding": "8.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation. An attacker with user privileges may be able to inject a malicious payload via the Log Insight UI which would be executed when the victim accesses the shared dashboard link."
},
{
"lang": "es",
"value": "VMware vRealize Log Insight (versiones 8.x anteriores a 8.4) contiene una vulnerabilidad de tipo Cross Site Scripting (XSS) debido a una comprobaci\u00f3n inapropiada de la entrada del usuario. Un atacante con privilegios de usuario puede ser capaz de inyectar una carga \u00fatil maliciosa por medio de la interfaz de usuario de Log Insight que se ejecutar\u00eda cuando la v\u00edctima acceda al enlace del panel compartido."
}
],
"id": "CVE-2021-22021",
"lastModified": "2024-11-21T05:49:27.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-30T19:15:08.457",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0019.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-26 12:15
Modified
2025-05-14 16:43
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_operations | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_operations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E1C524-50BF-4B3E-9385-935660A1CC14",
"versionEndExcluding": "8.18.2",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8A0BB4-A21B-4914-8F4B-37D300A4BBB9",
"versionEndIncluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains a local privilege escalation vulnerability.\u00a0A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations."
},
{
"lang": "es",
"value": "VMware Aria Operations contiene una vulnerabilidad de escalada de privilegios locales. Un agente malintencionado con privilegios administrativos locales puede activar esta vulnerabilidad para escalar privilegios al usuario ra\u00edz en el dispositivo que ejecuta VMware Aria Operations."
}
],
"id": "CVE-2024-38830",
"lastModified": "2025-05-14T16:43:34.443",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-11-26T12:15:18.413",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25199"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-20 17:15
Modified
2025-04-02 19:08
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0023.html | Patch, Vendor Advisory | |
| security@vmware.com | https://www.zerodayinitiative.com/advisories/ZDI-20-1377/ | Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.zerodayinitiative.com/advisories/ZDI-20-1385/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0023.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-20-1377/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-20-1385/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0.0 | |
| vmware | esxi | 7.0.0 |
{
"cisaActionDue": "2022-05-03",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "VMware ESXi OpenSLP Use-After-Free Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1995769A-1AB9-47FA-966A-8E82D414161E",
"versionEndExcluding": "3.10.1.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFC97E69-D4F5-46FC-AF5E-43BD48C00044",
"versionEndExcluding": "4.1.0.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:2:*:*:*:*:*:*",
"matchCriteriaId": "60405BAB-A6C6-4AD8-A5D2-EAD114FE931F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C565246C-896C-4E48-8C24-344C9B0A3057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202007001:*:*:*:*:*:*",
"matchCriteriaId": "8479F377-4F47-433D-867D-A94A4B0E46EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202010001:*:*:*:*:*:*",
"matchCriteriaId": "ECC2468D-6B23-4C7E-951B-DDA8DD17B51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201-ug:*:*:*:*:*:*",
"matchCriteriaId": "7264CDC9-FB2D-45A9-9307-C197B1052477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202-ug:*:*:*:*:*:*",
"matchCriteriaId": "D0538570-759A-441A-BC37-556642C090F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203-ug:*:*:*:*:*:*",
"matchCriteriaId": "9CF906E5-A846-49BA-925B-C6059FD02BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204-ug:*:*:*:*:*:*",
"matchCriteriaId": "7D3D0230-53D4-469F-AD46-74F057F6F9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205-ug:*:*:*:*:*:*",
"matchCriteriaId": "8D8E89CE-C919-4CDF-98BE-BA9A126B36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206-ug:*:*:*:*:*:*",
"matchCriteriaId": "73DA1453-4756-4C16-9640-B3B0C6F617DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207-ug:*:*:*:*:*:*",
"matchCriteriaId": "589EE886-6927-4AEA-903C-155C23B1747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BDDFA27-0D99-4D98-B00F-5D038488BAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209-ug:*:*:*:*:*:*",
"matchCriteriaId": "3F931502-8460-4373-92D7-CFD817F4A062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210-ug:*:*:*:*:*:*",
"matchCriteriaId": "287D4E48-4890-46C2-8B9B-1CE484C9D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211-ug:*:*:*:*:*:*",
"matchCriteriaId": "A916EB29-ADE4-4D65-BF8E-98B44E466AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212-ug:*:*:*:*:*:*",
"matchCriteriaId": "BC024B88-DEDD-49E5-B668-5B00C212B6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213-ug:*:*:*:*:*:*",
"matchCriteriaId": "DB9F131B-46BE-44F8-904B-FD0839926B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214-ug:*:*:*:*:*:*",
"matchCriteriaId": "BA2195E5-3BAD-4E90-BE40-A59C0A6A9EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215-ug:*:*:*:*:*:*",
"matchCriteriaId": "1503D3D9-E1A7-41F9-B26D-0AED8ABE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216-ug:*:*:*:*:*:*",
"matchCriteriaId": "7BD28EE0-808D-4A76-B707-F163527608C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217-ug:*:*:*:*:*:*",
"matchCriteriaId": "79225541-575F-44FC-8ED6-24BA6A4128EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218-ug:*:*:*:*:*:*",
"matchCriteriaId": "8A4A62CD-A46B-4612-9DC8-7744E6D5EA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219-ug:*:*:*:*:*:*",
"matchCriteriaId": "D526CE1D-ED76-44EB-9377-53EF7556E254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220-ug:*:*:*:*:*:*",
"matchCriteriaId": "D7E92A1C-40EB-441B-A634-42609527210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221-ug:*:*:*:*:*:*",
"matchCriteriaId": "111A10BE-FC5A-4272-9719-1DED62694A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222-ug:*:*:*:*:*:*",
"matchCriteriaId": "FC65FCFC-CD55-401A-8986-A1DBF544D228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223-ug:*:*:*:*:*:*",
"matchCriteriaId": "EEBD3AEC-284C-44E1-A4CD-010787114737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224-ug:*:*:*:*:*:*",
"matchCriteriaId": "42F87C20-5A00-43C9-A445-50AD716233D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225-ug:*:*:*:*:*:*",
"matchCriteriaId": "C1412AFC-CBE8-4151-B01D-785F11ACAB85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226-ug:*:*:*:*:*:*",
"matchCriteriaId": "6431DD1F-2269-4AFB-B486-9B6373F41C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BA5D0CB-E5B0-4C95-91A7-C662BAE01483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228-ug:*:*:*:*:*:*",
"matchCriteriaId": "A86BDAB4-3924-45A8-9130-517DEA184FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229-ug:*:*:*:*:*:*",
"matchCriteriaId": "A6EAE07B-2849-4E3B-B8D0-F68E6440A9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*",
"matchCriteriaId": "497F58A2-0A2C-4A59-A73B-31C956EF3CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202010001:*:*:*:*:*:*",
"matchCriteriaId": "18E8632C-E442-4F18-BFE2-96AE5C839F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "70F4DA98-C1D3-489E-958C-B466BEAD772B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:1.20.16321839:*:*:*:*:*:*",
"matchCriteriaId": "0DB30686-F9E0-4845-BFB6-713043B35736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution."
},
{
"lang": "es",
"value": "OpenSLP como es usado en VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.1-0.0.16850804, versiones 6.7 anteriores a ESXi670-202010401-SG, versiones 6.5 anteriores a ESXi650-202010401-SG), presenta un problema de uso de la memoria previamente liberada.\u0026#xa0;Un actor malicioso que reside en la red de administraci\u00f3n y que tiene acceso al puerto 427 en una m\u00e1quina ESXi puede desencadenar un uso de la memoria previamente liberada en el servicio OpenSLP resultando en una ejecuci\u00f3n de c\u00f3digo remota"
}
],
"id": "CVE-2020-3992",
"lastModified": "2025-04-02T19:08:45.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2020-10-20T17:15:12.810",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1377/"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1385/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1377/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1385/"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-13 19:15
Modified
2024-11-21 05:49
Severity ?
Summary
SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB57C2D7-0571-436F-B41C-D044D0F991B4",
"versionEndExcluding": "3.10.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0F19B24-FF68-4DEA-A514-DEEF99F141F9",
"versionEndExcluding": "4.3",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C565246C-896C-4E48-8C24-344C9B0A3057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202007001:*:*:*:*:*:*",
"matchCriteriaId": "8479F377-4F47-433D-867D-A94A4B0E46EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202010001:*:*:*:*:*:*",
"matchCriteriaId": "ECC2468D-6B23-4C7E-951B-DDA8DD17B51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011001:*:*:*:*:*:*",
"matchCriteriaId": "2CB7210B-C9FC-41FA-A258-1F6EC737E9BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011002:*:*:*:*:*:*",
"matchCriteriaId": "3279299C-37AD-47DF-B22A-20562D13AD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102001:*:*:*:*:*:*",
"matchCriteriaId": "91032EB0-AC08-459A-8D78-C7412AE64E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102002:*:*:*:*:*:*",
"matchCriteriaId": "7C5987AE-6E37-4470-A192-5E2F1C999F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102003:*:*:*:*:*:*",
"matchCriteriaId": "F603C437-FC49-4CCA-8A1A-3264CAE794B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201-ug:*:*:*:*:*:*",
"matchCriteriaId": "7264CDC9-FB2D-45A9-9307-C197B1052477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202-ug:*:*:*:*:*:*",
"matchCriteriaId": "D0538570-759A-441A-BC37-556642C090F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203-ug:*:*:*:*:*:*",
"matchCriteriaId": "9CF906E5-A846-49BA-925B-C6059FD02BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204-ug:*:*:*:*:*:*",
"matchCriteriaId": "7D3D0230-53D4-469F-AD46-74F057F6F9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205-ug:*:*:*:*:*:*",
"matchCriteriaId": "8D8E89CE-C919-4CDF-98BE-BA9A126B36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206-ug:*:*:*:*:*:*",
"matchCriteriaId": "73DA1453-4756-4C16-9640-B3B0C6F617DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207-ug:*:*:*:*:*:*",
"matchCriteriaId": "589EE886-6927-4AEA-903C-155C23B1747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BDDFA27-0D99-4D98-B00F-5D038488BAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209-ug:*:*:*:*:*:*",
"matchCriteriaId": "3F931502-8460-4373-92D7-CFD817F4A062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210-ug:*:*:*:*:*:*",
"matchCriteriaId": "287D4E48-4890-46C2-8B9B-1CE484C9D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211-ug:*:*:*:*:*:*",
"matchCriteriaId": "A916EB29-ADE4-4D65-BF8E-98B44E466AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212-ug:*:*:*:*:*:*",
"matchCriteriaId": "BC024B88-DEDD-49E5-B668-5B00C212B6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213-ug:*:*:*:*:*:*",
"matchCriteriaId": "DB9F131B-46BE-44F8-904B-FD0839926B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214-ug:*:*:*:*:*:*",
"matchCriteriaId": "BA2195E5-3BAD-4E90-BE40-A59C0A6A9EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215-ug:*:*:*:*:*:*",
"matchCriteriaId": "1503D3D9-E1A7-41F9-B26D-0AED8ABE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216-ug:*:*:*:*:*:*",
"matchCriteriaId": "7BD28EE0-808D-4A76-B707-F163527608C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217-ug:*:*:*:*:*:*",
"matchCriteriaId": "79225541-575F-44FC-8ED6-24BA6A4128EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218-ug:*:*:*:*:*:*",
"matchCriteriaId": "8A4A62CD-A46B-4612-9DC8-7744E6D5EA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219-ug:*:*:*:*:*:*",
"matchCriteriaId": "D526CE1D-ED76-44EB-9377-53EF7556E254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220-ug:*:*:*:*:*:*",
"matchCriteriaId": "D7E92A1C-40EB-441B-A634-42609527210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221-ug:*:*:*:*:*:*",
"matchCriteriaId": "111A10BE-FC5A-4272-9719-1DED62694A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222-ug:*:*:*:*:*:*",
"matchCriteriaId": "FC65FCFC-CD55-401A-8986-A1DBF544D228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223-ug:*:*:*:*:*:*",
"matchCriteriaId": "EEBD3AEC-284C-44E1-A4CD-010787114737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224-ug:*:*:*:*:*:*",
"matchCriteriaId": "42F87C20-5A00-43C9-A445-50AD716233D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225-ug:*:*:*:*:*:*",
"matchCriteriaId": "C1412AFC-CBE8-4151-B01D-785F11ACAB85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226-ug:*:*:*:*:*:*",
"matchCriteriaId": "6431DD1F-2269-4AFB-B486-9B6373F41C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BA5D0CB-E5B0-4C95-91A7-C662BAE01483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228-ug:*:*:*:*:*:*",
"matchCriteriaId": "A86BDAB4-3924-45A8-9130-517DEA184FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229-ug:*:*:*:*:*:*",
"matchCriteriaId": "A6EAE07B-2849-4E3B-B8D0-F68E6440A9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201911001:*:*:*:*:*:*",
"matchCriteriaId": "2130E67D-7F2A-4D82-BEFD-BA42B6B6FDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*",
"matchCriteriaId": "497F58A2-0A2C-4A59-A73B-31C956EF3CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202010001:*:*:*:*:*:*",
"matchCriteriaId": "18E8632C-E442-4F18-BFE2-96AE5C839F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011001:*:*:*:*:*:*",
"matchCriteriaId": "13D69B99-CB36-45DD-9FD9-C58186998200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011002:*:*:*:*:*:*",
"matchCriteriaId": "EF0BC157-1834-46D8-9BF9-0CE9648C7D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202102001:*:*:*:*:*:*",
"matchCriteriaId": "728136B6-47A7-42BC-9464-7745E4F2B4FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202103001:*:*:*:*:*:*",
"matchCriteriaId": "3967967A-E0A5-45B3-999C-D749A9B0C791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request."
},
{
"lang": "es",
"value": "SFCB (Small Footprint CIM Broker), tal y como se utiliza en ESXi, presenta una vulnerabilidad en la omisi\u00f3n de la autenticaci\u00f3n. Un actor malicioso con acceso de red al puerto 5989 en ESXi puede explotar este problema para omitir la autenticaci\u00f3n de SFCB al enviar una petici\u00f3n especialmente dise\u00f1ada"
}
],
"id": "CVE-2021-21994",
"lastModified": "2024-11-21T05:49:24.240",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-13T19:15:09.327",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0014.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-24 16:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory | |
| security@vmware.com | https://www.zerodayinitiative.com/advisories/ZDI-20-786/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-20-786/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | fusion | * | |
| vmware | workstation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F22BFA96-7E07-4E05-90A4-45A2F2FC2064",
"versionEndExcluding": "3.10",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02A5A8AC-4C6C-4E95-B730-00783FB79DFF",
"versionEndExcluding": "4.0.1",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CD44672-26F4-4B0F-933E-C929B32E3C9E",
"versionEndExcluding": "11.5.5",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEDE60F7-0DD8-43BD-9780-40058AFDB073",
"versionEndExcluding": "15.5.5",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "70F4DA98-C1D3-489E-958C-B466BEAD772B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker\u0027s control must be present for exploitation to be possible."
},
{
"lang": "es",
"value": "VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.0-1.20.16321839, versiones 6.7 anteriores a ESXi670-202004101-SG y versiones 6.5 anteriores a ESXi650-202005401-SG), Workstation (versiones 15.x anteriores a 15.5.5) y Fusion (versiones 11.x anteriores a 11.5. 5), contienen una vulnerabilidad de desbordamiento de pila por un paso en el dispositivo SVGA. Un actor malicioso con acceso local a una m\u00e1quina virtual con gr\u00e1ficos 3D habilitados puede ser capaz de explotar esta vulnerabilidad para ejecutar c\u00f3digo en el hipervisor desde una m\u00e1quina virtual. Condiciones adicionales m\u00e1s all\u00e1 del control del atacante deben estar presentes para que la explotaci\u00f3n sea posible"
}
],
"id": "CVE-2020-3969",
"lastModified": "2024-11-21T05:32:05.020",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-24T16:15:10.923",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-786/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-786/"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-193"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 12:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit these issues to create a denial of service condition due to excessive memory consumption by VAPI service.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service. A malicious actor with network access to port 443 on vCenter Server may exploit these issues to create a denial of service condition due to excessive memory consumption by VAPI service."
},
{
"lang": "es",
"value": "vCenter Server contiene m\u00faltiples vulnerabilidades de denegaci\u00f3n de servicio en el servicio VAPI (vCenter API). Un actor malicioso con acceso a la red al puerto 443 de vCenter Server puede explotar estos problemas para crear una condici\u00f3n de denegaci\u00f3n de servicio debido al consumo excesivo de memoria por parte del servicio VAPI"
}
],
"id": "CVE-2021-22009",
"lastModified": "2024-11-21T05:49:25.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T12:15:07.893",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-30 18:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vRealize Operations Manager API (8.x prior to 8.5) contains a broken access control vulnerability leading to unauthenticated API access. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can add new nodes to existing vROps cluster.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0018.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0018.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | vrealize_operations_manager | * | |
| vmware | vrealize_operations_manager | 7.5.0 | |
| vmware | vrealize_suite_lifecycle_manager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE39D06C-8AF4-4978-BCFD-80FB0A36C93A",
"versionEndIncluding": "3.10.2.1",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6A3FA17-BA09-499D-BAC7-053B380DF443",
"versionEndIncluding": "4.2.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B12F2BE9-8DA7-4BF0-85C0-0B5D6C4532A8",
"versionEndExcluding": "8.5.0",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC6471F-2FB5-4C7A-9B5D-0B08A8E2C08C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4767C7D-8165-43A6-8F16-12F8EE65FDFB",
"versionEndIncluding": "8.2",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) contains a broken access control vulnerability leading to unauthenticated API access. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can add new nodes to existing vROps cluster."
},
{
"lang": "es",
"value": "La API de vRealize Operations Manager (versiones 8.x anteriores a 8.5) contiene una vulnerabilidad de control de acceso rota, conllevando a un acceso no autenticado a la API. Un actor malicioso no autenticado con acceso a la red de la API de vRealize Operations Manager puede a\u00f1adir nuevos nodos a un cl\u00faster de vROps existente."
}
],
"id": "CVE-2021-22025",
"lastModified": "2024-11-21T05:49:27.743",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-30T18:15:08.373",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-30 16:15
Modified
2025-01-10 19:15
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2023-0011.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2023-0011.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | identity_manager | 3.3.6 | |
| vmware | identity_manager | 3.3.7 | |
| linux | linux_kernel | - | |
| vmware | workspace_one_access | * | |
| linux | linux_kernel | - | |
| vmware | cloud_foundation | - | |
| vmware | identity_manager_connector | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBB8190-2101-4EE5-844E-B46E7FB78FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A6085F21-481D-4853-9EA6-26497FAB1A03",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C226C8E-9B48-43F7-8692-66F204957899",
"versionEndIncluding": "22.09.1.0",
"versionStartIncluding": "21.0.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31A7BB38-3238-413E-9736-F1A165D40867",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:identity_manager_connector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E75DB1CB-C921-421E-B793-0C48AB15C574",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability.\u00a0An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure."
}
],
"id": "CVE-2023-20884",
"lastModified": "2025-01-10T19:15:31.997",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-30T16:15:09.390",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0011.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-13 18:15
Modified
2025-02-12 20:03
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | http://packetstormsecurity.com/files/171935/VMware-Workspace-ONE-Access-Privilege-Escalation.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0011.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/171935/VMware-Workspace-ONE-Access-Privilege-Escalation.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0011.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | - | |
| vmware | cloud_foundation | * | |
| vmware | identity_manager | 3.3.3 | |
| vmware | identity_manager | 3.3.4 | |
| vmware | identity_manager | 3.3.5 | |
| vmware | identity_manager | 3.3.6 | |
| vmware | vrealize_automation | * | |
| vmware | vrealize_automation | 7.6 | |
| vmware | vrealize_suite_lifecycle_manager | * | |
| vmware | workspace_one_access | 20.10.0.0 | |
| vmware | workspace_one_access | 20.10.0.1 | |
| vmware | workspace_one_access | 21.08.0.0 | |
| vmware | workspace_one_access | 21.08.0.1 |
{
"cisaActionDue": "2022-05-06",
"cisaExploitAdd": "2022-04-15",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "VMware Multiple Products Privilege Escalation Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97D98937-489B-4AA5-B99E-9AB639C582CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0E93CB5E-CB4A-474A-9901-2E098928C489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A215A7D-F644-41DE-AB4E-69145DA48F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBB8190-2101-4EE5-844E-B46E7FB78FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "370EF5F6-77E2-4EF7-9148-9DA5C52E50F5",
"versionEndExcluding": "9.0",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_automation:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "471BB5AF-3744-45FE-937D-BBEC421035EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC19367B-D2F8-4966-BE2F-12700C9337EC",
"versionEndExcluding": "9.0",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "639F6029-DE62-49BD-A767-C5D499389C37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88AD029C-7707-4F1E-BE7F-2DE27D384538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57375AD7-8042-472F-B49E-653C77EAFA48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC3DC465-1FA7-4F5B-9A9A-12F8FB4CE146",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to \u0027root\u0027."
},
{
"lang": "es",
"value": "VMware Workspace ONE Access, Identity Manager y vRealize Automation contienen una vulnerabilidad de escalada de privilegios debido a permisos inapropiados en scripts de soporte. Un actor malicioso con acceso local puede escalar los privilegios a \"root\""
}
],
"id": "CVE-2022-22960",
"lastModified": "2025-02-12T20:03:03.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-04-13T18:15:13.510",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html"
},
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html"
},
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/171935/VMware-Workspace-ONE-Access-Privilege-Escalation.html"
},
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/171918/Mware-Workspace-ONE-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/171918/VMware-Workspace-ONE-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/171935/VMware-Workspace-ONE-Access-Privilege-Escalation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-12 21:15
Modified
2025-01-27 18:15
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.10.0 | |
| vmware | vrealize_operations | 8.10.0 | |
| vmware | vrealize_operations | 8.10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF004A8-90A0-4804-97DA-C2C2005A54AA",
"versionEndIncluding": "4.5",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C2EC4ADE-5538-4D36-B8E3-054F3741287D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "2774F1D5-F310-493D-933A-0620972B1C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "6C147941-9563-45DE-86FB-7842410F2842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix4:*:*:*:*:*:*",
"matchCriteriaId": "2D94B6D3-035A-467D-8BAB-E6D1798C4540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix5:*:*:*:*:*:*",
"matchCriteriaId": "5455A916-25B6-4D67-94E7-AA2E9E266C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix6:*:*:*:*:*:*",
"matchCriteriaId": "63DEF44F-4563-4CC9-9725-B0515C766621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix8:*:*:*:*:*:*",
"matchCriteriaId": "481DFF79-E580-4148-9739-A04322DB9082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix9:*:*:*:*:*:*",
"matchCriteriaId": "02B76ED1-AF32-4C2E-B563-0BDAAFCCCB7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0C75768C-AAA3-476F-A08E-F166D98670DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "C827142B-2311-4B19-B5A6-5E80D5D600CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "35B4677F-8DD9-476B-9A9E-F7ED31758BC2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system."
}
],
"id": "CVE-2023-20878",
"lastModified": "2025-01-27T18:15:32.473",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-12T21:15:09.093",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-25 15:15
Modified
2024-12-20 16:52
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group ('ESXi Admins' by default) after it was deleted from AD.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505 | Patch, Vendor Advisory |
Impacted products
{
"cisaActionDue": "2024-08-20",
"cisaExploitAdd": "2024-07-30",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "VMware ESXi Authentication Bypass Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8DFE6-9C74-4711-A8AF-3B170876A1F9",
"versionEndExcluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48D2E2D5-A0B8-4AF1-BF4A-30154F754C94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "7A1A402A-9262-4B97-A0B7-E5AE045E394D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "FE44B379-9943-4DD1-8514-26F87482AFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "2A797377-8945-4D75-AA68-A768855E5842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "79D84D76-54BE-49E9-905C-7D65B4B42D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2F8767F7-7C3D-457D-9EAC-E8A30796F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "29AF8474-2D7A-4C5A-82B9-7A873AD90C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "7781A2CA-D927-48CD-9932-AE42B7BA1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "18FD08C9-5895-4BF4-BBE0-C2DDA5F6B836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "360C1B71-5360-4379-B0DE-63BB8F5E6DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2b:*:*:*:*:*:*",
"matchCriteriaId": "B16ED7C1-9881-452A-8BE0-EDDEAEFE3D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "ED92209F-FBD6-43F9-9A15-3842B139FCC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi contains an authentication bypass vulnerability.\u00a0A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts-to-active-directory.html by re-creating the configured AD group (\u0027ESXi Admins\u0027 by default) after it was deleted from AD."
},
{
"lang": "es",
"value": "VMware ESXi contiene una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n. Un actor malicioso con suficientes permisos de Active Directory (AD) puede obtener acceso completo a un host ESXi que se configur\u00f3 previamente para usar AD para la administraci\u00f3n de usuarios https://blogs.vmware.com/vsphere/2012/09/joining-vsphere-hosts -to-active-directory.html recreando el grupo de AD configurado (\u0027Administradores de ESXi\u0027 de forma predeterminada) despu\u00e9s de eliminarlo de AD."
}
],
"id": "CVE-2024-37085",
"lastModified": "2024-12-20T16:52:43.217",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-25T15:15:12.377",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24505"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-305"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-13 16:15
Modified
2025-04-22 04:15
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1588 | ||
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0030.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1588 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0030.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | 3.0 | |
| vmware | cloud_foundation | 3.0.1 | |
| vmware | cloud_foundation | 3.0.1.1 | |
| vmware | cloud_foundation | 3.5 | |
| vmware | cloud_foundation | 3.5.1 | |
| vmware | cloud_foundation | 3.7 | |
| vmware | cloud_foundation | 3.7.1 | |
| vmware | cloud_foundation | 3.7.2 | |
| vmware | cloud_foundation | 3.8 | |
| vmware | cloud_foundation | 3.8.1 | |
| vmware | cloud_foundation | 3.9 | |
| vmware | cloud_foundation | 3.9.1 | |
| vmware | cloud_foundation | 3.10 | |
| vmware | cloud_foundation | 3.10.1 | |
| vmware | cloud_foundation | 3.10.1.1 | |
| vmware | cloud_foundation | 3.10.1.2 | |
| vmware | cloud_foundation | 3.10.2.1 | |
| vmware | cloud_foundation | 3.10.2.2 | |
| vmware | cloud_foundation | 3.11 | |
| vmware | cloud_foundation | 4.0 | |
| vmware | cloud_foundation | 4.0.1 | |
| vmware | cloud_foundation | 4.1 | |
| vmware | cloud_foundation | 4.1.0.1 | |
| vmware | cloud_foundation | 4.2 | |
| vmware | cloud_foundation | 4.2.1 | |
| vmware | cloud_foundation | 4.3 | |
| vmware | cloud_foundation | 4.3.1 | |
| vmware | cloud_foundation | 4.4 | |
| vmware | cloud_foundation | 4.4.1 | |
| vmware | cloud_foundation | 4.4.1.1 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | cloud_foundation | 3.10.2 | |
| vmware | cloud_foundation | 4.1.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEACD8D-30EF-44FE-839B-DA69E6CED23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36847AD6-88CC-4228-AB4E-5161B381267C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC3C214-DEFC-48D9-8728-31F19095375E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF5CF56-8DE1-42F5-9EC1-E5666DD7FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36668618-33C3-460A-879B-A9741405C9D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8266FD66-3BB6-4720-9D9F-06EFB38FA4B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D4C25D3-BC49-4727-B7A2-28C0F2E647EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E9AB6FF-D508-42FF-8FB9-24B96AE2F03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "328785AE-390C-4CA2-9771-4A26387E4E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298B797F-C3B6-445C-AADB-8633B446F10F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F97BA12F-A60D-4398-9CA8-DE2F7BACBA8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E19009EB-02D3-424A-947D-7B66EFCCE422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "89656A51-0840-4A27-B05B-7E54B0CF0521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11C27637-44C5-4678-AF19-82E6CB9B15E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D26128AF-864F-403E-A491-437FEC0BE1B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8A8D11F7-A6C1-4E9A-A288-B90B90B0CAB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2DDABB-1590-4AE7-B96D-BB7FB209582D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6A79A33F-A1FF-438F-BC77-94ACC45F5488",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "42DF0955-2FDD-46BF-9932-AF2C8F8A7599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38EB0C0C-56CF-4A8F-A36F-E0E180B9059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A54544F5-5929-4609-A91C-FCA0FDBFE862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CA6D6348-E71A-4DA4-AC84-51397B2461A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8EC0B43-8667-45D6-BF97-03DDFFAD2AF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E841E8EF-9500-4937-BAC4-8AB76C96A3EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4C5700-1AFE-49F6-AC92-09F2349345ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B23891F3-08B7-480B-9B83-81381E33212F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EC07793-6DB1-4ACD-976D-A370FFAE505A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B0AA0D-0BE2-40C5-A432-F607EF66829C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C767B9C-CDAC-4651-B696-589726CDD5C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E216CBB-8C99-46AA-B195-E16393354D14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*",
"matchCriteriaId": "CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*",
"matchCriteriaId": "1DD16169-A7DF-4604-888C-156A60018E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*",
"matchCriteriaId": "46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*",
"matchCriteriaId": "D26534EB-327B-4ED6-A3E1-005552CB1F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*",
"matchCriteriaId": "786CDD50-7E18-4437-8DB9-2D0ADECD436E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*",
"matchCriteriaId": "B2CE8DAE-0E78-4004-983D-1ECD8855EC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*",
"matchCriteriaId": "7E51F433-1152-4E94-AF77-970230B1A574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1b:*:*:*:*:*:*",
"matchCriteriaId": "0064D104-E0D8-481A-9029-D3726A1A9CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1c:*:*:*:*:*:*",
"matchCriteriaId": "9B4D3F61-6CD9-411F-A205-EB06A57EBB4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*",
"matchCriteriaId": "F72A1E9C-F960-4E8C-A46C-B38209E6349E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*",
"matchCriteriaId": "2C33CE46-F529-4EA9-9344-6ED3BFA7019D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*",
"matchCriteriaId": "9F1D8161-0E02-45C9-BF61-14799AB65E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "1F2CB1FF-6118-4875-945D-07BAA3A21FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*",
"matchCriteriaId": "1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*",
"matchCriteriaId": "BDDC6510-3116-4578-80C8-8EF044A8370A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*",
"matchCriteriaId": "8678DB48-CB98-4E4C-ADE6-CABA73265FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*",
"matchCriteriaId": "DBD9A341-1FBF-4E04-848B-550DEB27261A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "4955663C-1BB6-4F3E-9D4B-362DF144B7F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*",
"matchCriteriaId": "CE0F8453-3D6C-4F1C-9167-3F02E3D905DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*",
"matchCriteriaId": "0EAD4045-A7F9-464F-ABB9-3782941162CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*",
"matchCriteriaId": "2F0A79C2-33AE-40C5-A853-770A4C691F29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3n:*:*:*:*:*:*",
"matchCriteriaId": "D8BB6CBC-11D6-40A4-ABAF-53AB9BED5A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3p:*:*:*:*:*:*",
"matchCriteriaId": "26A3EC15-8C04-49AD-9045-4D9FADBD50CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3q:*:*:*:*:*:*",
"matchCriteriaId": "AF7E87BB-1B5B-4F13-A70C-B3C6716E7919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3r:*:*:*:*:*:*",
"matchCriteriaId": "70A9244F-2C9C-4D7D-B384-08DDF95770DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3s:*:*:*:*:*:*",
"matchCriteriaId": "2CBEA4F8-CBA3-4C71-96B3-47489F0D299C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3t:*:*:*:*:*:*",
"matchCriteriaId": "B40B0E23-410D-403D-811B-486EBF406E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*",
"matchCriteriaId": "5241C282-A02B-44B2-B6CA-BA3A99F9737C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*",
"matchCriteriaId": "04A60AC7-C2EA-4DBF-9743-54D708584AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*",
"matchCriteriaId": "8A91B0C4-F184-459E-AFD3-DE0E351CC964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update_3o:*:*:*:*:*:*",
"matchCriteriaId": "7494090C-C5E4-46E9-8222-6096731FC7C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*",
"matchCriteriaId": "23253631-2655-48A8-9B00-CB984232329C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*",
"matchCriteriaId": "50C2A9A8-0E66-4702-BCD4-74622108E7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*",
"matchCriteriaId": "EE4D3E2A-C32D-408F-B811-EF8BC86F0D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*",
"matchCriteriaId": "31CA7802-D78D-4BAD-A45A-68B601C010C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*",
"matchCriteriaId": "3B98981B-4721-4752-BAB4-361DB5AEB86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*",
"matchCriteriaId": "04487105-980A-4943-9360-4442BF0411E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*",
"matchCriteriaId": "24D24E06-EB3F-4F11-849B-E66757B01466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*",
"matchCriteriaId": "8AF12716-88E2-44B5-ACD7-BCBECA130FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*",
"matchCriteriaId": "3352212C-E820-47B3-BDF5-57018F5B9E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*",
"matchCriteriaId": "6436ADFD-6B94-4D2A-B09B-CED4EC6CA276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*",
"matchCriteriaId": "D06832CE-F946-469D-B495-6735F18D02A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3l:*:*:*:*:*:*",
"matchCriteriaId": "726AC46D-9EA8-4FE8-94B8-0562935458F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3m:*:*:*:*:*:*",
"matchCriteriaId": "0243D22F-1591-4A95-A7FE-2658CEE0C08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3n:*:*:*:*:*:*",
"matchCriteriaId": "02AE5983-CD14-4EAF-9F5C-1281E3DE7F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3o:*:*:*:*:*:*",
"matchCriteriaId": "EFDDF4CA-1C20-430E-A17C-CC2998F8BDDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3p:*:*:*:*:*:*",
"matchCriteriaId": "7D2B0FBA-8E4A-491E-8E22-AAD7DBB5FF5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3q:*:*:*:*:*:*",
"matchCriteriaId": "126B4E78-DCE3-4375-80C9-3679F9BF107C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3r:*:*:*:*:*:*",
"matchCriteriaId": "5D7808C1-9548-4BAE-8EC5-6C406185757F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "188E103E-9568-4CE0-A984-141B2A9E82D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*",
"matchCriteriaId": "B266439F-E911-4C95-9D27-88DF96DDCCD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "6508A908-EF14-4A72-AC75-5DA6F8B98A0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*",
"matchCriteriaId": "3BAD2012-5C82-4EA9-A780-9BF1DA5A18AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*",
"matchCriteriaId": "58597F18-0B23-4D21-9ABA-D9773958F10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*",
"matchCriteriaId": "ADF46C54-313B-4742-A074-EEA0A6554680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*",
"matchCriteriaId": "9587F800-57BC-44B6-870E-95691684FC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:*",
"matchCriteriaId": "AD148A75-5076-416D-AFD6-0F281DA0A82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:*",
"matchCriteriaId": "956CEA8C-F8C4-41BD-85B4-44FE3A772E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:*",
"matchCriteriaId": "008AEA0F-116B-4AF8-B3A7-3041CCE25235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:cloud_foundation:3.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "835A61AF-D8FC-4E46-988C-F9617EB2F979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:cloud_foundation:4.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "583414A6-53B4-4866-A5ED-3D124DCD7B81",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de Denegaci\u00f3n de Servicio (DoS) en el servicio de librer\u00eda de contenido. Un actor malintencionado con acceso de red al puerto 443 en vCenter Server puede aprovechar este problema para desencadenar una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) enviando un encabezado especialmente manipulado."
}
],
"id": "CVE-2022-31698",
"lastModified": "2025-04-22T04:15:20.490",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-12-13T16:15:19.847",
"references": [
{
"source": "security@vmware.com",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1588"
},
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1588"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-06-04 20:15
Modified
2025-07-14 17:22
Severity ?
Summary
VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | vmware_nsx | * | |
| broadcom | vmware_nsx | * | |
| broadcom | vmware_nsx | 4.2.2 | |
| vmware | cloud_foundation | * | |
| vmware | telco_cloud_infrastructure | * | |
| vmware | telco_cloud_platform | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:vmware_nsx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA802D68-9739-4EF6-8A2A-841E5A30B747",
"versionEndExcluding": "4.1.2.6",
"versionStartIncluding": "3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:vmware_nsx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA245FB-84B8-4B53-8697-029435CD793E",
"versionEndExcluding": "4.2.1.4",
"versionStartIncluding": "4.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:vmware_nsx:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3E4DA6-50BF-402E-AC32-29FB702C23DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2A1D50-E58C-4FB4-821E-CB17B4D6170C",
"versionEndIncluding": "5.2.1.2",
"versionStartIncluding": "4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "904AA81A-D1C3-4DAF-BB2C-C51FEDF5B3F6",
"versionEndIncluding": "3.0",
"versionStartIncluding": "2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E78094-639D-47D6-998B-4EB111E45D18",
"versionEndIncluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation."
},
{
"lang": "es",
"value": "VMware NSX contiene una vulnerabilidad de Cross-Site Scripting (XSS) almacenado en el puerto del enrutador debido a una validaci\u00f3n de entrada incorrecta."
}
],
"id": "CVE-2025-22245",
"lastModified": "2025-07-14T17:22:07.423",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7,
"source": "security@vmware.com",
"type": "Secondary"
}
]
},
"published": "2025-06-04T20:15:22.400",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25738"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-09-27 15:18
Modified
2024-11-21 08:06
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2023-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2023-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_operations | 8.6.0 | |
| vmware | aria_operations | 8.10.0 | |
| vmware | aria_operations | 8.12.0 | |
| vmware | aria_operations | 8.12.0 | |
| vmware | aria_operations | 8.12.0 | |
| vmware | aria_operations | 8.12.0 | |
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_operations:8.6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "687D71FB-3546-4BCD-8FC1-815BB414243C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_operations:8.10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E76E0C75-6ADD-4507-92DD-0E1F79B915FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_operations:8.12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "97B26BD6-DFDB-462F-8C4A-B08A6E60D4EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_operations:8.12.0:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "696B20A2-86DE-4C80-9B80-0E2BE7E4B5B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_operations:8.12.0:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "45A4469B-B86B-41D4-9424-6363DA648898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_operations:8.12.0:hotfix3:*:*:*:*:*:*",
"matchCriteriaId": "B4014AE6-C095-49A3-9D30-185E9EF50976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBED072F-DE79-41C6-AD4F-02E10BD27FBD",
"versionEndExcluding": "4.4",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3D640F9-7733-415F-8BA7-DC41658EDC76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains a local privilege escalation vulnerability.\u00a0A malicious actor with administrative access to the local system can escalate privileges to \u0027root\u0027."
},
{
"lang": "es",
"value": "VMware Aria Operations contiene una vulnerabilidad de escalada de privilegios local. Un actor malicioso con acceso administrativo al sistema local puede escalar privilegios a \"root\"."
}
],
"id": "CVE-2023-34043",
"lastModified": "2024-11-21T08:06:27.723",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-09-27T15:18:52.593",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-08-30 18:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vRealize Operations Manager API (8.x prior to 8.5) has insecure object reference vulnerability. A malicious actor with administrative access to vRealize Operations Manager API may be able to modify other users information leading to an account takeover.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0018.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0018.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | vrealize_operations_manager | * | |
| vmware | vrealize_operations_manager | 7.5.0 | |
| vmware | vrealize_suite_lifecycle_manager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE39D06C-8AF4-4978-BCFD-80FB0A36C93A",
"versionEndIncluding": "3.10.2.1",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6A3FA17-BA09-499D-BAC7-053B380DF443",
"versionEndIncluding": "4.2.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B12F2BE9-8DA7-4BF0-85C0-0B5D6C4532A8",
"versionEndExcluding": "8.5.0",
"versionStartIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC6471F-2FB5-4C7A-9B5D-0B08A8E2C08C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4767C7D-8165-43A6-8F16-12F8EE65FDFB",
"versionEndIncluding": "8.2",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vRealize Operations Manager API (8.x prior to 8.5) has insecure object reference vulnerability. A malicious actor with administrative access to vRealize Operations Manager API may be able to modify other users information leading to an account takeover."
},
{
"lang": "es",
"value": "La API de vRealize Operations Manager (versiones 8.x anteriores a 8.5) presenta una vulnerabilidad de referencia a objetos inseguros. Un actor malicioso con acceso administrativo a la API de vRealize Operations Manager puede ser capaz de modificar la informaci\u00f3n de otros usuarios, conllevando a una toma de posesi\u00f3n de la cuenta."
}
],
"id": "CVE-2021-22023",
"lastModified": "2024-11-21T05:49:27.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-08-30T18:15:08.277",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-639"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-02-24 17:15
Modified
2025-03-28 16:31
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information disclosure. This affects: VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 |
{
"cisaActionDue": "2022-03-21",
"cisaExploitAdd": "2022-03-07",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1995769A-1AB9-47FA-966A-8E82D414161E",
"versionEndExcluding": "3.10.1.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A608D809-6E65-4228-9207-CB470529C542",
"versionEndExcluding": "4.2",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*",
"matchCriteriaId": "CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*",
"matchCriteriaId": "1DD16169-A7DF-4604-888C-156A60018E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*",
"matchCriteriaId": "46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*",
"matchCriteriaId": "D26534EB-327B-4ED6-A3E1-005552CB1F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*",
"matchCriteriaId": "786CDD50-7E18-4437-8DB9-2D0ADECD436E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*",
"matchCriteriaId": "B2CE8DAE-0E78-4004-983D-1ECD8855EC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*",
"matchCriteriaId": "F72A1E9C-F960-4E8C-A46C-B38209E6349E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*",
"matchCriteriaId": "2C33CE46-F529-4EA9-9344-6ED3BFA7019D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*",
"matchCriteriaId": "9F1D8161-0E02-45C9-BF61-14799AB65E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "1F2CB1FF-6118-4875-945D-07BAA3A21FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*",
"matchCriteriaId": "1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*",
"matchCriteriaId": "BDDC6510-3116-4578-80C8-8EF044A8370A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*",
"matchCriteriaId": "8678DB48-CB98-4E4C-ADE6-CABA73265FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*",
"matchCriteriaId": "DBD9A341-1FBF-4E04-848B-550DEB27261A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "4955663C-1BB6-4F3E-9D4B-362DF144B7F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*",
"matchCriteriaId": "CE0F8453-3D6C-4F1C-9167-3F02E3D905DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*",
"matchCriteriaId": "0EAD4045-A7F9-464F-ABB9-3782941162CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*",
"matchCriteriaId": "2F0A79C2-33AE-40C5-A853-770A4C691F29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*",
"matchCriteriaId": "5241C282-A02B-44B2-B6CA-BA3A99F9737C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*",
"matchCriteriaId": "04A60AC7-C2EA-4DBF-9743-54D708584AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*",
"matchCriteriaId": "8A91B0C4-F184-459E-AFD3-DE0E351CC964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*",
"matchCriteriaId": "23253631-2655-48A8-9B00-CB984232329C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*",
"matchCriteriaId": "50C2A9A8-0E66-4702-BCD4-74622108E7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*",
"matchCriteriaId": "EE4D3E2A-C32D-408F-B811-EF8BC86F0D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*",
"matchCriteriaId": "31CA7802-D78D-4BAD-A45A-68B601C010C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*",
"matchCriteriaId": "3B98981B-4721-4752-BAB4-361DB5AEB86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*",
"matchCriteriaId": "04487105-980A-4943-9360-4442BF0411E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*",
"matchCriteriaId": "24D24E06-EB3F-4F11-849B-E66757B01466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*",
"matchCriteriaId": "8AF12716-88E2-44B5-ACD7-BCBECA130FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*",
"matchCriteriaId": "3352212C-E820-47B3-BDF5-57018F5B9E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*",
"matchCriteriaId": "6436ADFD-6B94-4D2A-B09B-CED4EC6CA276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*",
"matchCriteriaId": "D06832CE-F946-469D-B495-6735F18D02A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information disclosure. This affects: VMware vCenter Server (7.x before 7.0 U1c, 6.7 before 6.7 U3l and 6.5 before 6.5 U3n) and VMware Cloud Foundation (4.x before 4.2 and 3.x before 3.10.1.2)."
},
{
"lang": "es",
"value": "El VSphere Client (HTML5) contiene una vulnerabilidad SSRF (Server Side Request Forgery) debido a una comprobaci\u00f3n inapropiada de las URL en un plugin de vCenter Server.\u0026#xa0;Un actor malicioso con acceso de red al puerto 443 puede explotar este problema mediante el env\u00edo de una petici\u00f3n POST al plugin vCenter Server conllevando a una divulgaci\u00f3n de informaci\u00f3n.\u0026#xa0;Esto afecta a: VMware vCenter Server (versiones 7.x anteriores a 7.0 U1c, versiones 6.7 anteriores a 6.7 U3l y versiones 6.5 anteriores a 6.5 U3n) y VMware Cloud Foundation (versiones 4.x anteriores a 4.2 y versiones 3.x anteriores a 3.10.1.2)"
}
],
"id": "CVE-2021-21973",
"lastModified": "2025-03-28T16:31:11.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2021-02-24T17:15:15.923",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0002.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-13 18:15
Modified
2024-11-21 06:47
Severity ?
Summary
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0011.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0011.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | identity_manager | 3.3.3 | |
| vmware | identity_manager | 3.3.4 | |
| vmware | identity_manager | 3.3.5 | |
| vmware | identity_manager | 3.3.6 | |
| vmware | vrealize_automation | * | |
| vmware | vrealize_automation | 7.6 | |
| vmware | vrealize_suite_lifecycle_manager | * | |
| vmware | workspace_one_access | 20.10.0.0 | |
| vmware | workspace_one_access | 20.10.0.1 | |
| vmware | workspace_one_access | 21.08.0.0 | |
| vmware | workspace_one_access | 21.08.0.1 | |
| linux | linux_kernel | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97D98937-489B-4AA5-B99E-9AB639C582CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0E93CB5E-CB4A-474A-9901-2E098928C489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A215A7D-F644-41DE-AB4E-69145DA48F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBB8190-2101-4EE5-844E-B46E7FB78FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "370EF5F6-77E2-4EF7-9148-9DA5C52E50F5",
"versionEndExcluding": "9.0",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_automation:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "471BB5AF-3744-45FE-937D-BBEC421035EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC19367B-D2F8-4966-BE2F-12700C9337EC",
"versionEndExcluding": "9.0",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "639F6029-DE62-49BD-A767-C5D499389C37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88AD029C-7707-4F1E-BE7F-2DE27D384538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57375AD7-8042-472F-B49E-653C77EAFA48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC3DC465-1FA7-4F5B-9A9A-12F8FB4CE146",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI."
},
{
"lang": "es",
"value": "VMware Workspace ONE Access, Identity Manager y vRealize Automation contienen una vulnerabilidad de tipo cross site request forgery. Un actor malicioso puede enga\u00f1ar a un usuario mediante un ataque de tipo cross site request forgery para que compruebe involuntariamente un URI JDBC malicioso"
}
],
"id": "CVE-2022-22959",
"lastModified": "2024-11-21T06:47:41.243",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-13T18:15:13.373",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-20 17:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds write vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this vulnerability to crash the virtual machine's vmx process or corrupt hypervisor's memory heap.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0023.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0023.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | esxi | 7.0.0 | |
| vmware | esxi | 7.0.0 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | workstation | * | |
| vmware | workstation_player | * | |
| vmware | fusion | * | |
| apple | mac_os_x | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "70F4DA98-C1D3-489E-958C-B466BEAD772B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:1.20.16321839:*:*:*:*:*:*",
"matchCriteriaId": "0DB30686-F9E0-4845-BFB6-713043B35736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201-ug:*:*:*:*:*:*",
"matchCriteriaId": "7264CDC9-FB2D-45A9-9307-C197B1052477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202-ug:*:*:*:*:*:*",
"matchCriteriaId": "D0538570-759A-441A-BC37-556642C090F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203-ug:*:*:*:*:*:*",
"matchCriteriaId": "9CF906E5-A846-49BA-925B-C6059FD02BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204-ug:*:*:*:*:*:*",
"matchCriteriaId": "7D3D0230-53D4-469F-AD46-74F057F6F9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205-ug:*:*:*:*:*:*",
"matchCriteriaId": "8D8E89CE-C919-4CDF-98BE-BA9A126B36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206-ug:*:*:*:*:*:*",
"matchCriteriaId": "73DA1453-4756-4C16-9640-B3B0C6F617DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207-ug:*:*:*:*:*:*",
"matchCriteriaId": "589EE886-6927-4AEA-903C-155C23B1747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BDDFA27-0D99-4D98-B00F-5D038488BAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209-ug:*:*:*:*:*:*",
"matchCriteriaId": "3F931502-8460-4373-92D7-CFD817F4A062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210-ug:*:*:*:*:*:*",
"matchCriteriaId": "287D4E48-4890-46C2-8B9B-1CE484C9D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211-ug:*:*:*:*:*:*",
"matchCriteriaId": "A916EB29-ADE4-4D65-BF8E-98B44E466AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212-ug:*:*:*:*:*:*",
"matchCriteriaId": "BC024B88-DEDD-49E5-B668-5B00C212B6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213-ug:*:*:*:*:*:*",
"matchCriteriaId": "DB9F131B-46BE-44F8-904B-FD0839926B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214-ug:*:*:*:*:*:*",
"matchCriteriaId": "BA2195E5-3BAD-4E90-BE40-A59C0A6A9EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215-ug:*:*:*:*:*:*",
"matchCriteriaId": "1503D3D9-E1A7-41F9-B26D-0AED8ABE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216-ug:*:*:*:*:*:*",
"matchCriteriaId": "7BD28EE0-808D-4A76-B707-F163527608C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217-ug:*:*:*:*:*:*",
"matchCriteriaId": "79225541-575F-44FC-8ED6-24BA6A4128EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218-ug:*:*:*:*:*:*",
"matchCriteriaId": "8A4A62CD-A46B-4612-9DC8-7744E6D5EA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219-ug:*:*:*:*:*:*",
"matchCriteriaId": "D526CE1D-ED76-44EB-9377-53EF7556E254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220-ug:*:*:*:*:*:*",
"matchCriteriaId": "D7E92A1C-40EB-441B-A634-42609527210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221-ug:*:*:*:*:*:*",
"matchCriteriaId": "111A10BE-FC5A-4272-9719-1DED62694A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222-ug:*:*:*:*:*:*",
"matchCriteriaId": "FC65FCFC-CD55-401A-8986-A1DBF544D228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223-ug:*:*:*:*:*:*",
"matchCriteriaId": "EEBD3AEC-284C-44E1-A4CD-010787114737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224-ug:*:*:*:*:*:*",
"matchCriteriaId": "42F87C20-5A00-43C9-A445-50AD716233D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225-ug:*:*:*:*:*:*",
"matchCriteriaId": "C1412AFC-CBE8-4151-B01D-785F11ACAB85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226-ug:*:*:*:*:*:*",
"matchCriteriaId": "6431DD1F-2269-4AFB-B486-9B6373F41C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BA5D0CB-E5B0-4C95-91A7-C662BAE01483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228-ug:*:*:*:*:*:*",
"matchCriteriaId": "A86BDAB4-3924-45A8-9130-517DEA184FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229-ug:*:*:*:*:*:*",
"matchCriteriaId": "A6EAE07B-2849-4E3B-B8D0-F68E6440A9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*",
"matchCriteriaId": "497F58A2-0A2C-4A59-A73B-31C956EF3CD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:2:*:*:*:*:*:*",
"matchCriteriaId": "60405BAB-A6C6-4AD8-A5D2-EAD114FE931F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C565246C-896C-4E48-8C24-344C9B0A3057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202007001:*:*:*:*:*:*",
"matchCriteriaId": "8479F377-4F47-433D-867D-A94A4B0E46EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD43625B-DBC4-460B-A7DA-F1EA254806DB",
"versionEndExcluding": "3.10.1",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2A68886-4079-4BE1-9E51-6022ED680B86",
"versionEndExcluding": "4.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:pro:*:*:*",
"matchCriteriaId": "6379C7C4-38B7-4A40-BAA4-D99A760E6FF6",
"versionEndIncluding": "15.5.6",
"versionStartIncluding": "15.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "514A55BF-11F2-4ECE-BAD5-DEA9A4FADC40",
"versionEndIncluding": "15.5.6",
"versionStartIncluding": "15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF0DDB53-0355-48F7-AE05-DCACBB14F6F8",
"versionEndExcluding": "11.5.6",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds write vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this vulnerability to crash the virtual machine\u0027s vmx process or corrupt hypervisor\u0027s memory heap."
},
{
"lang": "es",
"value": "VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.1-0.0.16850804, versiones 6.7 anteriores a ESXi670-202008101-SG, versiones 6.5 anteriores a ESXi650-202007101-SG), Workstation (versiones 15.x), Fusion (versiones 11.x anteriores a de 11.5.6), contienen una vulnerabilidad de escritura fuera de l\u00edmites debido a un problema time-of-check time-of-use en el dispositivo ACPI.\u0026#xa0;Un actor malicioso con acceso administrativo a una m\u00e1quina virtual puede ser capaz de explotar esta vulnerabilidad para bloquear el proceso vmx de la m\u00e1quina virtual o corromper la pila de la memoria del hipervisor"
}
],
"id": "CVE-2020-3982",
"lastModified": "2024-11-21T05:32:06.553",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 5.8,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-20T17:15:12.733",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-367"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-12 21:15
Modified
2025-01-27 17:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.10.0 | |
| vmware | vrealize_operations | 8.10.0 | |
| vmware | vrealize_operations | 8.10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF004A8-90A0-4804-97DA-C2C2005A54AA",
"versionEndIncluding": "4.5",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C2EC4ADE-5538-4D36-B8E3-054F3741287D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "2774F1D5-F310-493D-933A-0620972B1C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "6C147941-9563-45DE-86FB-7842410F2842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix4:*:*:*:*:*:*",
"matchCriteriaId": "2D94B6D3-035A-467D-8BAB-E6D1798C4540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix5:*:*:*:*:*:*",
"matchCriteriaId": "5455A916-25B6-4D67-94E7-AA2E9E266C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix6:*:*:*:*:*:*",
"matchCriteriaId": "63DEF44F-4563-4CC9-9725-B0515C766621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix8:*:*:*:*:*:*",
"matchCriteriaId": "481DFF79-E580-4148-9739-A04322DB9082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix9:*:*:*:*:*:*",
"matchCriteriaId": "02B76ED1-AF32-4C2E-B563-0BDAAFCCCB7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0C75768C-AAA3-476F-A08E-F166D98670DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "C827142B-2311-4B19-B5A6-5E80D5D600CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "35B4677F-8DD9-476B-9A9E-F7ED31758BC2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system."
}
],
"id": "CVE-2023-20879",
"lastModified": "2025-01-27T17:15:10.337",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-12T21:15:09.133",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-25 15:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possible.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory | |
| security@vmware.com | https://www.zerodayinitiative.com/advisories/ZDI-20-783/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-20-783/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | fusion | * | |
| vmware | workstation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F22BFA96-7E07-4E05-90A4-45A2F2FC2064",
"versionEndExcluding": "3.10",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02A5A8AC-4C6C-4E95-B730-00783FB79DFF",
"versionEndExcluding": "4.0.1",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7448F9A-9D9B-47BC-ACD1-18199A70D148",
"versionEndExcluding": "11.5.2",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A3302D-706B-4260-8407-121D7C2F0867",
"versionEndExcluding": "15.5.2",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "70F4DA98-C1D3-489E-958C-B466BEAD772B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker\u0027s control must be present for exploitation to be possible."
},
{
"lang": "es",
"value": "VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.0-1.20.16321839, versiones 6.7 anteriores a ESXi670-202004101-SG y versiones 6.5 anteriores a ESXi650-202005401-SG), Workstation (versiones 15.x anteriores a 15.5.2) y Fusion (versiones 11.x anteriores a 11.5. 2), contiene un desbordamiento de la pila debido a un problema de condici\u00f3n de carrera en el controlador USB 2.0 (EHCI). Un actor malicioso con acceso local a una m\u00e1quina virtual puede ser capaz de explotar esta vulnerabilidad para ejecutar c\u00f3digo en el hipervisor desde una m\u00e1quina virtual. Unas condiciones adicionales m\u00e1s all\u00e1 del control del atacante deben estar presentes para que la explotaci\u00f3n puedan ser posible"
}
],
"id": "CVE-2020-3966",
"lastModified": "2024-11-21T05:32:04.593",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-25T15:15:11.257",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-783/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-783/"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-12 21:15
Modified
2025-01-27 18:15
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.6.0 | |
| vmware | vrealize_operations | 8.10.0 | |
| vmware | vrealize_operations | 8.10.0 | |
| vmware | vrealize_operations | 8.10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF004A8-90A0-4804-97DA-C2C2005A54AA",
"versionEndIncluding": "4.5",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C2EC4ADE-5538-4D36-B8E3-054F3741287D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "2774F1D5-F310-493D-933A-0620972B1C14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "6C147941-9563-45DE-86FB-7842410F2842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix4:*:*:*:*:*:*",
"matchCriteriaId": "2D94B6D3-035A-467D-8BAB-E6D1798C4540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix5:*:*:*:*:*:*",
"matchCriteriaId": "5455A916-25B6-4D67-94E7-AA2E9E266C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix6:*:*:*:*:*:*",
"matchCriteriaId": "63DEF44F-4563-4CC9-9725-B0515C766621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix8:*:*:*:*:*:*",
"matchCriteriaId": "481DFF79-E580-4148-9739-A04322DB9082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix9:*:*:*:*:*:*",
"matchCriteriaId": "02B76ED1-AF32-4C2E-B563-0BDAAFCCCB7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0C75768C-AAA3-476F-A08E-F166D98670DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "C827142B-2311-4B19-B5A6-5E80D5D600CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "35B4677F-8DD9-476B-9A9E-F7ED31758BC2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation."
}
],
"id": "CVE-2023-20877",
"lastModified": "2025-01-27T18:15:32.293",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-12T21:15:09.043",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 12:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de omisi\u00f3n de proxy inverso debido a la forma en que los endpoints manejan el URI. Un actor malicioso con acceso a la red al puerto 443 de vCenter Server puede explotar este problema para acceder a endpoints restringidos"
}
],
"id": "CVE-2021-22006",
"lastModified": "2024-11-21T05:49:25.653",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T12:15:07.753",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 12:15
Modified
2025-04-02 16:59
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/164439/VMware-vCenter-Server-Analytics-CEIP-Service-File-Upload.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/164439/VMware-vCenter-Server-Analytics-CEIP-Service-File-Upload.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 |
{
"cisaActionDue": "2021-11-17",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "VMware vCenter Server File Upload Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de carga de archivos arbitraria en el servicio Analytics. Un actor malicioso con acceso de red al puerto 443 en vCenter Server puede explotar este problema para ejecutar c\u00f3digo en vCenter Server cargando un archivo especialmente dise\u00f1ado"
}
],
"id": "CVE-2021-22005",
"lastModified": "2025-04-02T16:59:19.810",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2021-09-23T12:15:07.707",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/164439/VMware-vCenter-Server-Analytics-CEIP-Service-File-Upload.html"
},
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/164439/VMware-vCenter-Server-Analytics-CEIP-Service-File-Upload.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-11 20:15
Modified
2025-03-12 20:01
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/166935/VMware-Workspace-ONE-Access-Template-Injection-Command-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0011.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/166935/VMware-Workspace-ONE-Access-Template-Injection-Command-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0011.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | identity_manager | 3.3.3 | |
| vmware | identity_manager | 3.3.4 | |
| vmware | identity_manager | 3.3.5 | |
| vmware | identity_manager | 3.3.6 | |
| vmware | vrealize_automation | * | |
| vmware | vrealize_automation | 7.6 | |
| vmware | workspace_one_access | 20.10.0.0 | |
| vmware | workspace_one_access | 20.10.0.1 | |
| vmware | workspace_one_access | 21.08.0.0 | |
| vmware | workspace_one_access | 21.08.0.1 | |
| linux | linux_kernel | - | |
| vmware | cloud_foundation | * | |
| vmware | vrealize_suite_lifecycle_manager | * |
{
"cisaActionDue": "2022-05-05",
"cisaExploitAdd": "2022-04-14",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97D98937-489B-4AA5-B99E-9AB639C582CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0E93CB5E-CB4A-474A-9901-2E098928C489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A215A7D-F644-41DE-AB4E-69145DA48F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBB8190-2101-4EE5-844E-B46E7FB78FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F5937FC-B5FF-432C-9120-7138D0FD7665",
"versionEndIncluding": "8.6",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_automation:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "471BB5AF-3744-45FE-937D-BBEC421035EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "639F6029-DE62-49BD-A767-C5D499389C37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88AD029C-7707-4F1E-BE7F-2DE27D384538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57375AD7-8042-472F-B49E-653C77EAFA48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC3DC465-1FA7-4F5B-9A9A-12F8FB4CE146",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA79AC0-A0CC-4EE6-AEF5-9B8C8EA2C9F1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "326A2867-797D-4AA9-8D2C-43E8CDA0BCFC",
"versionEndIncluding": "4.3.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4767C7D-8165-43A6-8F16-12F8EE65FDFB",
"versionEndIncluding": "8.2",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution."
},
{
"lang": "es",
"value": "VMware Workspace ONE Access y Identity Manager contienen una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota debido a una inyecci\u00f3n de plantillas del lado del servidor. Un actor malicioso con acceso a la red puede desencadenar una inyecci\u00f3n de plantillas del lado del servidor que puede resultar en la ejecuci\u00f3n de c\u00f3digo remota"
}
],
"id": "CVE-2022-22954",
"lastModified": "2025-03-12T20:01:47.123",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-04-11T20:15:19.890",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/166935/VMware-Workspace-ONE-Access-Template-Injection-Command-Execution.html"
},
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/166935/VMware-Workspace-ONE-Access-Template-Injection-Command-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-16 17:15
Modified
2024-11-21 05:49
Severity ?
Summary
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0004.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0004.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | fusion | * | |
| vmware | workstation_player | * | |
| vmware | workstation_pro | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28769D3C-0C46-4E6B-A8E2-75A7B64B1D47",
"versionEndExcluding": "3.11",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBED072F-DE79-41C6-AD4F-02E10BD27FBD",
"versionEndExcluding": "4.4",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6735BF82-477F-498C-90E6-A744DECEEB1E",
"versionEndExcluding": "12.2.1",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "004F4859-2B2B-472E-A135-122B46BBE427",
"versionEndExcluding": "16.2.1",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "59A4C2DD-155D-41F0-9A03-40FD949BDBCD",
"versionEndExcluding": "16.2.1",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202202401:*:*:*:*:*:*",
"matchCriteriaId": "4C47BEFC-1434-4676-A123-359A500F19BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201-ug:*:*:*:*:*:*",
"matchCriteriaId": "7264CDC9-FB2D-45A9-9307-C197B1052477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202-ug:*:*:*:*:*:*",
"matchCriteriaId": "D0538570-759A-441A-BC37-556642C090F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203-ug:*:*:*:*:*:*",
"matchCriteriaId": "9CF906E5-A846-49BA-925B-C6059FD02BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204-ug:*:*:*:*:*:*",
"matchCriteriaId": "7D3D0230-53D4-469F-AD46-74F057F6F9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205-ug:*:*:*:*:*:*",
"matchCriteriaId": "8D8E89CE-C919-4CDF-98BE-BA9A126B36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206-ug:*:*:*:*:*:*",
"matchCriteriaId": "73DA1453-4756-4C16-9640-B3B0C6F617DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207-ug:*:*:*:*:*:*",
"matchCriteriaId": "589EE886-6927-4AEA-903C-155C23B1747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BDDFA27-0D99-4D98-B00F-5D038488BAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209-ug:*:*:*:*:*:*",
"matchCriteriaId": "3F931502-8460-4373-92D7-CFD817F4A062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210-ug:*:*:*:*:*:*",
"matchCriteriaId": "287D4E48-4890-46C2-8B9B-1CE484C9D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211-ug:*:*:*:*:*:*",
"matchCriteriaId": "A916EB29-ADE4-4D65-BF8E-98B44E466AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212-ug:*:*:*:*:*:*",
"matchCriteriaId": "BC024B88-DEDD-49E5-B668-5B00C212B6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213-ug:*:*:*:*:*:*",
"matchCriteriaId": "DB9F131B-46BE-44F8-904B-FD0839926B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214-ug:*:*:*:*:*:*",
"matchCriteriaId": "BA2195E5-3BAD-4E90-BE40-A59C0A6A9EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215-ug:*:*:*:*:*:*",
"matchCriteriaId": "1503D3D9-E1A7-41F9-B26D-0AED8ABE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216-ug:*:*:*:*:*:*",
"matchCriteriaId": "7BD28EE0-808D-4A76-B707-F163527608C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217-ug:*:*:*:*:*:*",
"matchCriteriaId": "79225541-575F-44FC-8ED6-24BA6A4128EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218-ug:*:*:*:*:*:*",
"matchCriteriaId": "8A4A62CD-A46B-4612-9DC8-7744E6D5EA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219-ug:*:*:*:*:*:*",
"matchCriteriaId": "D526CE1D-ED76-44EB-9377-53EF7556E254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220-ug:*:*:*:*:*:*",
"matchCriteriaId": "D7E92A1C-40EB-441B-A634-42609527210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221-ug:*:*:*:*:*:*",
"matchCriteriaId": "111A10BE-FC5A-4272-9719-1DED62694A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222-ug:*:*:*:*:*:*",
"matchCriteriaId": "FC65FCFC-CD55-401A-8986-A1DBF544D228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223-ug:*:*:*:*:*:*",
"matchCriteriaId": "EEBD3AEC-284C-44E1-A4CD-010787114737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224-ug:*:*:*:*:*:*",
"matchCriteriaId": "42F87C20-5A00-43C9-A445-50AD716233D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225-ug:*:*:*:*:*:*",
"matchCriteriaId": "C1412AFC-CBE8-4151-B01D-785F11ACAB85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226-ug:*:*:*:*:*:*",
"matchCriteriaId": "6431DD1F-2269-4AFB-B486-9B6373F41C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BA5D0CB-E5B0-4C95-91A7-C662BAE01483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228-ug:*:*:*:*:*:*",
"matchCriteriaId": "A86BDAB4-3924-45A8-9130-517DEA184FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229-ug:*:*:*:*:*:*",
"matchCriteriaId": "A6EAE07B-2849-4E3B-B8D0-F68E6440A9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201911001:*:*:*:*:*:*",
"matchCriteriaId": "2130E67D-7F2A-4D82-BEFD-BA42B6B6FDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*",
"matchCriteriaId": "497F58A2-0A2C-4A59-A73B-31C956EF3CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202010001:*:*:*:*:*:*",
"matchCriteriaId": "18E8632C-E442-4F18-BFE2-96AE5C839F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011001:*:*:*:*:*:*",
"matchCriteriaId": "13D69B99-CB36-45DD-9FD9-C58186998200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011002:*:*:*:*:*:*",
"matchCriteriaId": "EF0BC157-1834-46D8-9BF9-0CE9648C7D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202102001:*:*:*:*:*:*",
"matchCriteriaId": "728136B6-47A7-42BC-9464-7745E4F2B4FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202103001:*:*:*:*:*:*",
"matchCriteriaId": "3967967A-E0A5-45B3-999C-D749A9B0C791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202111101:*:*:*:*:*:*",
"matchCriteriaId": "644588BB-2A6D-481C-9B2F-756C23B989DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "4ADC3CFF-7415-46A5-817A-2F053B261E8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host."
},
{
"lang": "es",
"value": "VMware ESXi, Workstation y Fusion contienen una vulnerabilidad de uso de memoria previamente liberada en el controlador USB XHCI. Un actor malicioso con privilegios administrativos locales en una m\u00e1quina virtual puede aprovechar este problema para ejecutar c\u00f3digo como el proceso VMX de la m\u00e1quina virtual que es ejecutada en el host"
}
],
"id": "CVE-2021-22040",
"lastModified": "2024-11-21T05:49:29.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-16T17:15:10.413",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-05 18:15
Modified
2025-05-07 15:35
Severity ?
9.3 (Critical) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | workstation | * | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | fusion | * | |
| apple | macos | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D725D84-6426-459F-9B49-ADE7A13FA19A",
"versionEndIncluding": "5.0",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BFB423-5C6D-40F3-960A-53D9955E7621",
"versionEndExcluding": "17.5.1",
"versionStartIncluding": "17.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1e:*:*:*:*:*:*",
"matchCriteriaId": "2E6DE184-35C8-4A13-91D4-4B43E9F0168C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:*",
"matchCriteriaId": "39817170-5C45-4F8A-916D-81B7352055DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "4ADC3CFF-7415-46A5-817A-2F053B261E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
"matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*",
"matchCriteriaId": "C77771B2-BC64-47A5-B6DB-9CBCC4456B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3f:*:*:*:*:*:*",
"matchCriteriaId": "86DE9CE6-F6C0-47D2-B3AB-34852A8B9603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3g:*:*:*:*:*:*",
"matchCriteriaId": "E75B2F03-702E-4359-9BB2-E234F1DC38C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3i:*:*:*:*:*:*",
"matchCriteriaId": "ACAA9494-5248-4B01-8BC1-C38AB615FFD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3j:*:*:*:*:*:*",
"matchCriteriaId": "BF12014B-BF2B-42EF-B70C-59CDA8E2176F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3k:*:*:*:*:*:*",
"matchCriteriaId": "F965D853-EE4A-41F5-840B-2D009ACC9754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3l:*:*:*:*:*:*",
"matchCriteriaId": "BA7B7313-FF53-43C9-AF4D-B639053D3FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3m:*:*:*:*:*:*",
"matchCriteriaId": "9FB5738F-27E4-42C6-BD1B-F7F66A7EF0A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3n:*:*:*:*:*:*",
"matchCriteriaId": "FC3668A6-262B-42BF-9E90-28BAA9BB3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3o:*:*:*:*:*:*",
"matchCriteriaId": "DA4E9185-44BA-41E6-8600-C8616E199334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:b:*:*:*:*:*:*",
"matchCriteriaId": "BC6F088D-0404-4588-9788-7A5903C5BC82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "7A1A402A-9262-4B97-A0B7-E5AE045E394D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "FE44B379-9943-4DD1-8514-26F87482AFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "2A797377-8945-4D75-AA68-A768855E5842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "79D84D76-54BE-49E9-905C-7D65B4B42D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2F8767F7-7C3D-457D-9EAC-E8A30796F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "29AF8474-2D7A-4C5A-82B9-7A873AD90C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "7781A2CA-D927-48CD-9932-AE42B7BA1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "360C1B71-5360-4379-B0DE-63BB8F5E6DA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "50649AB8-57FD-4210-A7F4-3AD7D00F6A91",
"versionEndExcluding": "13.5.1",
"versionStartIncluding": "13.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller.\u00a0A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed."
},
{
"lang": "es",
"value": "VMware ESXi, Workstation y Fusion contienen una vulnerabilidad de Use After Free en el controlador USB UHCI. Un actor malintencionado con privilegios administrativos locales en una m\u00e1quina virtual puede aprovechar este problema para ejecutar c\u00f3digo como el proceso VMX de la m\u00e1quina virtual que se ejecuta en el host. En ESXi, la explotaci\u00f3n est\u00e1 contenida dentro del entorno limitado de VMX, mientras que, en Workstation y Fusion, esto puede provocar la ejecuci\u00f3n de c\u00f3digo en la m\u00e1quina donde est\u00e1 instalado Workstation o Fusion."
}
],
"id": "CVE-2024-22253",
"lastModified": "2025-05-07T15:35:46.910",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 6.0,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-05T18:15:47.920",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-04 22:15
Modified
2024-11-21 05:49
Severity ?
Summary
VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/165440/VMware-Security-Advisory-2022-0001.html | Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0001.html | Vendor Advisory | |
| security@vmware.com | https://www.zerodayinitiative.com/advisories/ZDI-22-003/ | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/165440/VMware-Security-Advisory-2022-0001.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0001.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.zerodayinitiative.com/advisories/ZDI-22-003/ | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | workstation | * | |
| vmware | fusion | * | |
| apple | mac_os_x | - | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEBD9C21-C9E9-45EB-8370-B499C0B9290A",
"versionEndIncluding": "3.10.2.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "326A2867-797D-4AA9-8D2C-43E8CDA0BCFC",
"versionEndIncluding": "4.3.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C60BB77E-04F4-444A-9664-EFC2E33F1C65",
"versionEndExcluding": "16.2.0",
"versionStartIncluding": "16.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BE0A2B22-5AF1-4CC6-A4E4-57A9B785E28A",
"versionEndExcluding": "12.2.0",
"versionStartIncluding": "12.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C565246C-896C-4E48-8C24-344C9B0A3057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202007001:*:*:*:*:*:*",
"matchCriteriaId": "8479F377-4F47-433D-867D-A94A4B0E46EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202010001:*:*:*:*:*:*",
"matchCriteriaId": "ECC2468D-6B23-4C7E-951B-DDA8DD17B51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011001:*:*:*:*:*:*",
"matchCriteriaId": "2CB7210B-C9FC-41FA-A258-1F6EC737E9BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011002:*:*:*:*:*:*",
"matchCriteriaId": "3279299C-37AD-47DF-B22A-20562D13AD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102001:*:*:*:*:*:*",
"matchCriteriaId": "91032EB0-AC08-459A-8D78-C7412AE64E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102002:*:*:*:*:*:*",
"matchCriteriaId": "7C5987AE-6E37-4470-A192-5E2F1C999F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102003:*:*:*:*:*:*",
"matchCriteriaId": "F603C437-FC49-4CCA-8A1A-3264CAE794B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202107401:*:*:*:*:*:*",
"matchCriteriaId": "BA34EFDD-DA04-415D-93B8-E5B35EF8A5F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201911001:*:*:*:*:*:*",
"matchCriteriaId": "2130E67D-7F2A-4D82-BEFD-BA42B6B6FDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*",
"matchCriteriaId": "497F58A2-0A2C-4A59-A73B-31C956EF3CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202010001:*:*:*:*:*:*",
"matchCriteriaId": "18E8632C-E442-4F18-BFE2-96AE5C839F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011001:*:*:*:*:*:*",
"matchCriteriaId": "13D69B99-CB36-45DD-9FD9-C58186998200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011002:*:*:*:*:*:*",
"matchCriteriaId": "EF0BC157-1834-46D8-9BF9-0CE9648C7D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202102001:*:*:*:*:*:*",
"matchCriteriaId": "728136B6-47A7-42BC-9464-7745E4F2B4FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202103001:*:*:*:*:*:*",
"matchCriteriaId": "3967967A-E0A5-45B3-999C-D749A9B0C791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202111001:*:*:*:*:*:*",
"matchCriteriaId": "8220EA95-39E0-46FA-98B2-5C793E3CE1CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine."
},
{
"lang": "es",
"value": "VMware ESXi (versiones 7.0, 6.7 anteriores a ESXi670-202111101-SG y 6.5 anteriores a ESXi650-202110101-SG), VMware Workstation (versi\u00f3n 16.2.0) y VMware Fusion (versi\u00f3n 12.2.0), contienen una vulnerabilidad de desbordamiento de pila en la emulaci\u00f3n de dispositivos de CD-ROM. Un actor malicioso con acceso a una m\u00e1quina virtual con emulaci\u00f3n de dispositivo de CD-ROM puede ser capaz de explotar esta vulnerabilidad en conjunto con otros problemas para ejecutar c\u00f3digo en el hipervisor desde una m\u00e1quina virtual"
}
],
"id": "CVE-2021-22045",
"lastModified": "2024-11-21T05:49:29.663",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-04T22:15:07.467",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165440/VMware-Security-Advisory-2022-0001.html"
},
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0001.html"
},
{
"source": "security@vmware.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165440/VMware-Security-Advisory-2022-0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-003/"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-20 17:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0023.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0023.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | workstation | * | |
| vmware | esxi | 7.0.0 | |
| vmware | esxi | 7.0.0 | |
| vmware | fusion | * | |
| apple | mac_os_x | - | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD43625B-DBC4-460B-A7DA-F1EA254806DB",
"versionEndExcluding": "3.10.1",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2A68886-4079-4BE1-9E51-6022ED680B86",
"versionEndExcluding": "4.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7F7324-504A-4597-ABF9-326D370A4CF1",
"versionEndIncluding": "15.5.6",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "70F4DA98-C1D3-489E-958C-B466BEAD772B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:1.20.16321839:*:*:*:*:*:*",
"matchCriteriaId": "0DB30686-F9E0-4845-BFB6-713043B35736",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF0DDB53-0355-48F7-AE05-DCACBB14F6F8",
"versionEndExcluding": "11.5.6",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4781BF1E-8A4E-4AFF-9540-23D523EE30DD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:2:*:*:*:*:*:*",
"matchCriteriaId": "60405BAB-A6C6-4AD8-A5D2-EAD114FE931F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C565246C-896C-4E48-8C24-344C9B0A3057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202007001:*:*:*:*:*:*",
"matchCriteriaId": "8479F377-4F47-433D-867D-A94A4B0E46EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201-ug:*:*:*:*:*:*",
"matchCriteriaId": "7264CDC9-FB2D-45A9-9307-C197B1052477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202-ug:*:*:*:*:*:*",
"matchCriteriaId": "D0538570-759A-441A-BC37-556642C090F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203-ug:*:*:*:*:*:*",
"matchCriteriaId": "9CF906E5-A846-49BA-925B-C6059FD02BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204-ug:*:*:*:*:*:*",
"matchCriteriaId": "7D3D0230-53D4-469F-AD46-74F057F6F9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205-ug:*:*:*:*:*:*",
"matchCriteriaId": "8D8E89CE-C919-4CDF-98BE-BA9A126B36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206-ug:*:*:*:*:*:*",
"matchCriteriaId": "73DA1453-4756-4C16-9640-B3B0C6F617DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207-ug:*:*:*:*:*:*",
"matchCriteriaId": "589EE886-6927-4AEA-903C-155C23B1747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BDDFA27-0D99-4D98-B00F-5D038488BAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209-ug:*:*:*:*:*:*",
"matchCriteriaId": "3F931502-8460-4373-92D7-CFD817F4A062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210-ug:*:*:*:*:*:*",
"matchCriteriaId": "287D4E48-4890-46C2-8B9B-1CE484C9D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211-ug:*:*:*:*:*:*",
"matchCriteriaId": "A916EB29-ADE4-4D65-BF8E-98B44E466AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212-ug:*:*:*:*:*:*",
"matchCriteriaId": "BC024B88-DEDD-49E5-B668-5B00C212B6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213-ug:*:*:*:*:*:*",
"matchCriteriaId": "DB9F131B-46BE-44F8-904B-FD0839926B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214-ug:*:*:*:*:*:*",
"matchCriteriaId": "BA2195E5-3BAD-4E90-BE40-A59C0A6A9EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215-ug:*:*:*:*:*:*",
"matchCriteriaId": "1503D3D9-E1A7-41F9-B26D-0AED8ABE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216-ug:*:*:*:*:*:*",
"matchCriteriaId": "7BD28EE0-808D-4A76-B707-F163527608C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217-ug:*:*:*:*:*:*",
"matchCriteriaId": "79225541-575F-44FC-8ED6-24BA6A4128EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218-ug:*:*:*:*:*:*",
"matchCriteriaId": "8A4A62CD-A46B-4612-9DC8-7744E6D5EA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219-ug:*:*:*:*:*:*",
"matchCriteriaId": "D526CE1D-ED76-44EB-9377-53EF7556E254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220-ug:*:*:*:*:*:*",
"matchCriteriaId": "D7E92A1C-40EB-441B-A634-42609527210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221-ug:*:*:*:*:*:*",
"matchCriteriaId": "111A10BE-FC5A-4272-9719-1DED62694A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222-ug:*:*:*:*:*:*",
"matchCriteriaId": "FC65FCFC-CD55-401A-8986-A1DBF544D228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223-ug:*:*:*:*:*:*",
"matchCriteriaId": "EEBD3AEC-284C-44E1-A4CD-010787114737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224-ug:*:*:*:*:*:*",
"matchCriteriaId": "42F87C20-5A00-43C9-A445-50AD716233D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225-ug:*:*:*:*:*:*",
"matchCriteriaId": "C1412AFC-CBE8-4151-B01D-785F11ACAB85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226-ug:*:*:*:*:*:*",
"matchCriteriaId": "6431DD1F-2269-4AFB-B486-9B6373F41C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BA5D0CB-E5B0-4C95-91A7-C662BAE01483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228-ug:*:*:*:*:*:*",
"matchCriteriaId": "A86BDAB4-3924-45A8-9130-517DEA184FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229-ug:*:*:*:*:*:*",
"matchCriteriaId": "A6EAE07B-2849-4E3B-B8D0-F68E6440A9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*",
"matchCriteriaId": "497F58A2-0A2C-4A59-A73B-31C956EF3CD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process."
},
{
"lang": "es",
"value": "VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.1-0.0.16850804, versiones 6.7 anteriores a ESXi670-202008101-SG, versiones 6.5 anteriores a ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x antes de 11.5.6), contienen una vulnerabilidad de lectura fuera de l\u00edmites debido a un problema time-of-check time-of-use en el dispositivo ACPI.\u0026#xa0;Un actor malicioso con acceso administrativo a una m\u00e1quina virtual puede ser capaz de explotar este problema para filtrar la memoria del proceso vmx"
}
],
"id": "CVE-2020-3981",
"lastModified": "2024-11-21T05:32:06.410",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-20T17:15:12.670",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-367"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-31 18:15
Modified
2025-03-12 20:57
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0004.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0004.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | 3.0 | |
| vmware | cloud_foundation | 3.0.1 | |
| vmware | cloud_foundation | 3.0.1.1 | |
| vmware | cloud_foundation | 3.5 | |
| vmware | cloud_foundation | 3.5.1 | |
| vmware | cloud_foundation | 3.7 | |
| vmware | cloud_foundation | 3.7.1 | |
| vmware | cloud_foundation | 3.7.2 | |
| vmware | cloud_foundation | 3.8 | |
| vmware | cloud_foundation | 3.8.1 | |
| vmware | cloud_foundation | 3.9 | |
| vmware | cloud_foundation | 3.9.1 | |
| vmware | cloud_foundation | 3.10 | |
| vmware | cloud_foundation | 4.0 | |
| vmware | cloud_foundation | 4.0.1 | |
| vmware | vrealize_operations_manager | 7.0.0 | |
| vmware | vrealize_operations_manager | 7.5.0 | |
| vmware | vrealize_operations_manager | 8.0.0 | |
| vmware | vrealize_operations_manager | 8.0.1 | |
| vmware | vrealize_operations_manager | 8.1.0 | |
| vmware | vrealize_operations_manager | 8.1.1 | |
| vmware | vrealize_operations_manager | 8.2.0 | |
| vmware | vrealize_operations_manager | 8.3.0 | |
| vmware | vrealize_suite_lifecycle_manager | 8.0 | |
| vmware | vrealize_suite_lifecycle_manager | 8.0.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.2 |
{
"cisaActionDue": "2022-02-01",
"cisaExploitAdd": "2022-01-18",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "VMware Server Side Request Forgery in vRealize Operations Manager API",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEACD8D-30EF-44FE-839B-DA69E6CED23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36847AD6-88CC-4228-AB4E-5161B381267C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC3C214-DEFC-48D9-8728-31F19095375E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF5CF56-8DE1-42F5-9EC1-E5666DD7FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36668618-33C3-460A-879B-A9741405C9D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8266FD66-3BB6-4720-9D9F-06EFB38FA4B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D4C25D3-BC49-4727-B7A2-28C0F2E647EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E9AB6FF-D508-42FF-8FB9-24B96AE2F03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "328785AE-390C-4CA2-9771-4A26387E4E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298B797F-C3B6-445C-AADB-8633B446F10F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F97BA12F-A60D-4398-9CA8-DE2F7BACBA8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E19009EB-02D3-424A-947D-7B66EFCCE422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "89656A51-0840-4A27-B05B-7E54B0CF0521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38EB0C0C-56CF-4A8F-A36F-E0E180B9059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A54544F5-5929-4609-A91C-FCA0FDBFE862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B7985EA2-E167-4BB9-91CA-D57110413B63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC6471F-2FB5-4C7A-9B5D-0B08A8E2C08C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F35204-5A57-4086-B782-77A25471F9EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "536C689B-F40A-4090-B7F9-3D16C6B2A82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76A32960-1C18-4DA5-A870-C15C432B6CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FCFFA39-F7EA-4065-B0B5-A1E2B120EBA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:8.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B612FDA-4210-44FE-9B5C-F678EA2CD6FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:8.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0256D20-63D3-4DE9-9637-94033F11FC7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3318D91-40AC-4649-8FCD-4557C8F934B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A06C29AB-1EAF-43EF-96C3-9E3468911B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43723EC2-295E-4AF7-B654-70F9E42F4807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB84C30-EE5D-4C15-A74E-7B2B3E0DED4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials."
},
{
"lang": "es",
"value": "una vulnerabilidad de Server Side Request Forgery en la API vRealize Operations Manager (CVE-2021-21975) anterior a la versi\u00f3n 8.4, puede permitir que un actor malicioso con acceso de red a la API vRealize Operations Manager pueda realizar un ataque de tipo Server Side Request Forgery para robar credenciales administrativas."
}
],
"id": "CVE-2021-21975",
"lastModified": "2025-03-12T20:57:43.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2021-03-31T18:15:14.597",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html"
},
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0004.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-18 06:15
Modified
2025-03-13 15:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | vcenter_server | 8.0 | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CC974CA1-88D3-42E4-BF1F-28870F8171B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "EFE63984-F69B-4593-9AEC-D179D6D98B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "34D1F3B3-8E3F-4E4D-8EE6-2F593663B5CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "16F3D992-9F48-4604-9AAF-DC2D1CE98BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "C745A7E6-4760-48CD-B7C4-1C2C20217F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "A5522514-8ED9-45DB-9036-33FE40D77E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1b:*:*:*:*:*:*",
"matchCriteriaId": "8C27C660-E917-4944-8B4C-41D9622B76D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "56CFB469-B3E6-4503-A47C-D18206D4D19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "67024A43-9E13-4F4E-B711-731792DA3840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "604F559F-1775-4F29-996E-9079B99345B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "61DC9400-5AEE-49AC-9925-0A96E32BD8C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "98C1B77E-AB0E-4E8A-8294-2D3D230CDF9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "8EC8BEF1-7908-46C0-841A-834778D1A863",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "188E103E-9568-4CE0-A984-141B2A9E82D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*",
"matchCriteriaId": "B266439F-E911-4C95-9D27-88DF96DDCCD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "6508A908-EF14-4A72-AC75-5DA6F8B98A0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*",
"matchCriteriaId": "3BAD2012-5C82-4EA9-A780-9BF1DA5A18AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*",
"matchCriteriaId": "58597F18-0B23-4D21-9ABA-D9773958F10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*",
"matchCriteriaId": "ADF46C54-313B-4742-A074-EEA0A6554680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*",
"matchCriteriaId": "9587F800-57BC-44B6-870E-95691684FC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:*",
"matchCriteriaId": "AD148A75-5076-416D-AFD6-0F281DA0A82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:*",
"matchCriteriaId": "956CEA8C-F8C4-41BD-85B4-44FE3A772E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:*",
"matchCriteriaId": "008AEA0F-116B-4AF8-B3A7-3041CCE25235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3i:*:*:*:*:*:*",
"matchCriteriaId": "EE486B2F-AED4-4FCE-A674-DFC25844FEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3j:*:*:*:*:*:*",
"matchCriteriaId": "4F73AA9E-51E9-4FA0-813D-AD05FDC3EF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3k:*:*:*:*:*:*",
"matchCriteriaId": "455DD46E-A071-476D-8914-767485E45F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3l:*:*:*:*:*:*",
"matchCriteriaId": "3A422D04-48DF-4A16-94F8-D5702CC2782D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3m:*:*:*:*:*:*",
"matchCriteriaId": "806E9219-CDF4-4E62-978E-334E96A94BA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3n:*:*:*:*:*:*",
"matchCriteriaId": "34D8B182-4E71-4655-8DD8-743A3EF6DC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3o:*:*:*:*:*:*",
"matchCriteriaId": "8D8F6CC7-6B6D-4079-9E2C-A85C4616FF92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3p:*:*:*:*:*:*",
"matchCriteriaId": "A814F0AB-4AEB-4139-976F-425A4A9EC67B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "85DD238C-EF73-44F0-928E-A94FF5C4B378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "188E103E-9568-4CE0-A984-141B2A9E82D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*",
"matchCriteriaId": "B266439F-E911-4C95-9D27-88DF96DDCCD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "6508A908-EF14-4A72-AC75-5DA6F8B98A0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*",
"matchCriteriaId": "3BAD2012-5C82-4EA9-A780-9BF1DA5A18AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*",
"matchCriteriaId": "58597F18-0B23-4D21-9ABA-D9773958F10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*",
"matchCriteriaId": "ADF46C54-313B-4742-A074-EEA0A6554680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*",
"matchCriteriaId": "9587F800-57BC-44B6-870E-95691684FC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:*",
"matchCriteriaId": "AD148A75-5076-416D-AFD6-0F281DA0A82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:*",
"matchCriteriaId": "956CEA8C-F8C4-41BD-85B4-44FE3A772E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:*",
"matchCriteriaId": "008AEA0F-116B-4AF8-B3A7-3041CCE25235",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3i:*:*:*:*:*:*",
"matchCriteriaId": "EE486B2F-AED4-4FCE-A674-DFC25844FEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3j:*:*:*:*:*:*",
"matchCriteriaId": "4F73AA9E-51E9-4FA0-813D-AD05FDC3EF94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3k:*:*:*:*:*:*",
"matchCriteriaId": "455DD46E-A071-476D-8914-767485E45F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3l:*:*:*:*:*:*",
"matchCriteriaId": "3A422D04-48DF-4A16-94F8-D5702CC2782D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3m:*:*:*:*:*:*",
"matchCriteriaId": "806E9219-CDF4-4E62-978E-334E96A94BA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3n:*:*:*:*:*:*",
"matchCriteriaId": "34D8B182-4E71-4655-8DD8-743A3EF6DC8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3o:*:*:*:*:*:*",
"matchCriteriaId": "8D8F6CC7-6B6D-4079-9E2C-A85C4616FF92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3p:*:*:*:*:*:*",
"matchCriteriaId": "A814F0AB-4AEB-4139-976F-425A4A9EC67B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "CC974CA1-88D3-42E4-BF1F-28870F8171B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "EFE63984-F69B-4593-9AEC-D179D6D98B08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "34D1F3B3-8E3F-4E4D-8EE6-2F593663B5CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "16F3D992-9F48-4604-9AAF-DC2D1CE98BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "C745A7E6-4760-48CD-B7C4-1C2C20217F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "A5522514-8ED9-45DB-9036-33FE40D77E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1b:*:*:*:*:*:*",
"matchCriteriaId": "8C27C660-E917-4944-8B4C-41D9622B76D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "56CFB469-B3E6-4503-A47C-D18206D4D19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update1d:*:*:*:*:*:*",
"matchCriteriaId": "67024A43-9E13-4F4E-B711-731792DA3840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "604F559F-1775-4F29-996E-9079B99345B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "61DC9400-5AEE-49AC-9925-0A96E32BD8C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "98C1B77E-AB0E-4E8A-8294-2D3D230CDF9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:8.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "8EC8BEF1-7908-46C0-841A-834778D1A863",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA8DFE6-9C74-4711-A8AF-3B170876A1F9",
"versionEndExcluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de desbordamiento de mont\u00f3n en la implementaci\u00f3n del protocolo DCERPC. Un actor malintencionado con acceso a la red de vCenter Server puede desencadenar esta vulnerabilidad al enviar un paquete de red especialmente manipulado que podr\u00eda conducir a la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"id": "CVE-2024-37080",
"lastModified": "2025-03-13T15:15:45.353",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-18T06:15:11.640",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-01-16 10:15
Modified
2025-06-20 17:15
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H
8.3 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
8.3 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Summary
Aria Automation contains a Missing Access Control vulnerability.
An authenticated malicious actor may
exploit this vulnerability leading to unauthorized access to remote
organizations and workflows.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2024-0001.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2024-0001.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_automation | 8.11.0 | |
| vmware | aria_automation | 8.11.1 | |
| vmware | aria_automation | 8.11.2 | |
| vmware | aria_automation | 8.12.0 | |
| vmware | aria_automation | 8.12.1 | |
| vmware | aria_automation | 8.12.2 | |
| vmware | aria_automation | 8.13.0 | |
| vmware | aria_automation | 8.13.1 | |
| vmware | aria_automation | 8.14.0 | |
| vmware | aria_automation | 8.14.1 | |
| vmware | cloud_foundation | 4.0 | |
| vmware | cloud_foundation | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_automation:8.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "183DC197-4FF2-4B84-B0E8-666E49CC9DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_automation:8.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2849AEA0-B419-4096-B1D8-796686CE4C56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_automation:8.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFC657E-8780-46FE-AC01-22F8CFF196C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_automation:8.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "91E0F535-5F30-495E-9974-2C2F65ED94EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_automation:8.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B7BAD1-8544-491E-B41F-B4CD4E2B3754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_automation:8.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FF9CA281-ACE8-4768-A5EC-EB29111CD3EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_automation:8.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB173C24-3DDA-46CA-9B80-9A2C4EB73768",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_automation:8.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "24986636-3F4B-46CF-A374-0D006216731F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_automation:8.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FB6E2175-E4C2-46A7-9D37-E37A8239B16D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:aria_automation:8.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F48CE31-68D2-4FE8-9BB2-ADC85259552A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38EB0C0C-56CF-4A8F-A36F-E0E180B9059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3D640F9-7733-415F-8BA7-DC41658EDC76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Aria Automation contains a Missing Access Control vulnerability.\n\n\nAn authenticated malicious actor may \nexploit this vulnerability leading to unauthorized access to remote \norganizations and workflows.\n\n"
},
{
"lang": "es",
"value": "Aria Automation contiene una vulnerabilidad de control de acceso faltante. Un actor malicioso autenticado puede explotar esta vulnerabilidad y provocar acceso no autorizado a organizaciones y workflows remotos."
}
],
"id": "CVE-2023-34063",
"lastModified": "2025-06-20T17:15:30.883",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-16T10:15:07.347",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0001.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-25 15:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the XHCI USB controller. A malicious actor with local access to a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | http://seclists.org/fulldisclosure/2020/Jul/22 | Mailing List, Third Party Advisory | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2020/Jul/22 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0015.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | fusion | * | |
| vmware | workstation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F22BFA96-7E07-4E05-90A4-45A2F2FC2064",
"versionEndExcluding": "3.10",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02A5A8AC-4C6C-4E95-B730-00783FB79DFF",
"versionEndExcluding": "4.0.1",
"versionStartIncluding": "4.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A7448F9A-9D9B-47BC-ACD1-18199A70D148",
"versionEndExcluding": "11.5.2",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84A3302D-706B-4260-8407-121D7C2F0867",
"versionEndExcluding": "15.5.2",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "70F4DA98-C1D3-489E-958C-B466BEAD772B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the XHCI USB controller. A malicious actor with local access to a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine."
},
{
"lang": "es",
"value": "VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.0-1.20.16321839, versiones 6.7 anteriores a ESXi670-202006401-SG y versiones 6.5 anteriores a ESXi650-202005401-SG), Workstation (versiones 15.x anteriores a 15.5.2) y Fusion (versiones 11.x anteriores a 11.5. 2), contiene una filtraci\u00f3n de informaci\u00f3n en el controlador USB XHCI. Un actor malicioso con acceso local a una m\u00e1quina virtual puede ser capaz de leer informaci\u00f3n privilegiada contenida en la memoria del hipervisor desde una m\u00e1quina virtual"
}
],
"id": "CVE-2020-3965",
"lastModified": "2024-11-21T05:32:04.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-25T15:15:11.180",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html"
},
{
"source": "security@vmware.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Jul/22"
},
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158459/VMware-ESXi-Use-After-Free-Out-Of-Bounds-Access.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Jul/22"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-20 21:15
Modified
2025-02-05 16:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_operations_for_logs | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67498B85-8EED-47C7-828E-C0184E431E4E",
"versionEndExcluding": "8.12.0",
"versionStartIncluding": "8.10.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF004A8-90A0-4804-97DA-C2C2005A54AA",
"versionEndIncluding": "4.5",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root."
}
],
"id": "CVE-2023-20864",
"lastModified": "2025-02-05T16:15:34.130",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-04-20T21:15:08.620",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0007.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-08-21 13:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware ESXi and vCenter Server contain a partial denial of service vulnerability in their respective authentication services. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0018.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0018.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F22BFA96-7E07-4E05-90A4-45A2F2FC2064",
"versionEndExcluding": "3.10",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2667C2B-79D7-4B9E-9EB9-566427C8DFF8",
"versionEndExcluding": "4.0.1",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*",
"matchCriteriaId": "CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*",
"matchCriteriaId": "1DD16169-A7DF-4604-888C-156A60018E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*",
"matchCriteriaId": "46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*",
"matchCriteriaId": "D26534EB-327B-4ED6-A3E1-005552CB1F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*",
"matchCriteriaId": "786CDD50-7E18-4437-8DB9-2D0ADECD436E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*",
"matchCriteriaId": "B2CE8DAE-0E78-4004-983D-1ECD8855EC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*",
"matchCriteriaId": "7E51F433-1152-4E94-AF77-970230B1A574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1b:*:*:*:*:*:*",
"matchCriteriaId": "0064D104-E0D8-481A-9029-D3726A1A9CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1c:*:*:*:*:*:*",
"matchCriteriaId": "9B4D3F61-6CD9-411F-A205-EB06A57EBB4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*",
"matchCriteriaId": "F72A1E9C-F960-4E8C-A46C-B38209E6349E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*",
"matchCriteriaId": "2C33CE46-F529-4EA9-9344-6ED3BFA7019D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*",
"matchCriteriaId": "9F1D8161-0E02-45C9-BF61-14799AB65E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "1F2CB1FF-6118-4875-945D-07BAA3A21FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*",
"matchCriteriaId": "1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*",
"matchCriteriaId": "BDDC6510-3116-4578-80C8-8EF044A8370A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*",
"matchCriteriaId": "8678DB48-CB98-4E4C-ADE6-CABA73265FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*",
"matchCriteriaId": "DBD9A341-1FBF-4E04-848B-550DEB27261A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "4955663C-1BB6-4F3E-9D4B-362DF144B7F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*",
"matchCriteriaId": "CE0F8453-3D6C-4F1C-9167-3F02E3D905DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*",
"matchCriteriaId": "0EAD4045-A7F9-464F-ABB9-3782941162CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*",
"matchCriteriaId": "5241C282-A02B-44B2-B6CA-BA3A99F9737C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*",
"matchCriteriaId": "04A60AC7-C2EA-4DBF-9743-54D708584AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*",
"matchCriteriaId": "8A91B0C4-F184-459E-AFD3-DE0E351CC964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*",
"matchCriteriaId": "23253631-2655-48A8-9B00-CB984232329C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*",
"matchCriteriaId": "50C2A9A8-0E66-4702-BCD4-74622108E7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*",
"matchCriteriaId": "EE4D3E2A-C32D-408F-B811-EF8BC86F0D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*",
"matchCriteriaId": "31CA7802-D78D-4BAD-A45A-68B601C010C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*",
"matchCriteriaId": "3B98981B-4721-4752-BAB4-361DB5AEB86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*",
"matchCriteriaId": "04487105-980A-4943-9360-4442BF0411E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*",
"matchCriteriaId": "24D24E06-EB3F-4F11-849B-E66757B01466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*",
"matchCriteriaId": "8AF12716-88E2-44B5-ACD7-BCBECA130FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*",
"matchCriteriaId": "3352212C-E820-47B3-BDF5-57018F5B9E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*",
"matchCriteriaId": "6436ADFD-6B94-4D2A-B09B-CED4EC6CA276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C565246C-896C-4E48-8C24-344C9B0A3057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202007001:*:*:*:*:*:*",
"matchCriteriaId": "8479F377-4F47-433D-867D-A94A4B0E46EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201911001:*:*:*:*:*:*",
"matchCriteriaId": "2130E67D-7F2A-4D82-BEFD-BA42B6B6FDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*",
"matchCriteriaId": "497F58A2-0A2C-4A59-A73B-31C956EF3CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi and vCenter Server contain a partial denial of service vulnerability in their respective authentication services. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3."
},
{
"lang": "es",
"value": "VMware ESXi y vCenter Server, contienen una vulnerabilidad de denegaci\u00f3n de servicio parcial en sus respectivos servicios de autenticaci\u00f3n. VMware ha evaluado que la gravedad de este problema se encuentra en el rango de gravedad Moderada con una puntuaci\u00f3n base m\u00e1xima de CVSSv3 de 5.3."
}
],
"id": "CVE-2020-3976",
"lastModified": "2024-11-21T05:32:05.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-21T13:15:14.130",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0018.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-28 02:15
Modified
2025-05-08 16:15
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | nsx_data_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "491E3F25-E692-4A0D-B281-4AEAB803B888",
"versionEndExcluding": "3.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:nsx_data_center:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "39720F25-83FC-4167-8814-DDCD4F56D916",
"versionEndExcluding": "6.4.14",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure."
},
{
"lang": "es",
"value": "VMware Cloud Foundation (NSX-V) contiene una vulnerabilidad de entidad externa XML (XXE). En instancias VCF 3.x con NSX-V implementado, esto puede permitir que un usuario aproveche este problema y provoque una condici\u00f3n de Denegaci\u00f3n de Servicio o divulgaci\u00f3n de informaci\u00f3n no intencionada."
}
],
"id": "CVE-2022-31678",
"lastModified": "2025-05-08T16:15:21.123",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-10-28T02:15:17.267",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0027.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-611"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 12:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de salto de ruta de archivos que conlleva a una divulgaci\u00f3n de informaci\u00f3n en la API de administraci\u00f3n de dispositivos. Un actor malicioso con acceso de red al puerto 443 de vCenter Server puede explotar este problema para conseguir acceso a informaci\u00f3n confidencial"
}
],
"id": "CVE-2021-22013",
"lastModified": "2024-11-21T05:49:26.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T12:15:08.083",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-05 18:15
Modified
2025-05-07 15:37
Severity ?
7.9 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
8.2 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D725D84-6426-459F-9B49-ADE7A13FA19A",
"versionEndIncluding": "5.0",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1e:*:*:*:*:*:*",
"matchCriteriaId": "2E6DE184-35C8-4A13-91D4-4B43E9F0168C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:*",
"matchCriteriaId": "39817170-5C45-4F8A-916D-81B7352055DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "4ADC3CFF-7415-46A5-817A-2F053B261E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
"matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*",
"matchCriteriaId": "C77771B2-BC64-47A5-B6DB-9CBCC4456B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3f:*:*:*:*:*:*",
"matchCriteriaId": "86DE9CE6-F6C0-47D2-B3AB-34852A8B9603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3g:*:*:*:*:*:*",
"matchCriteriaId": "E75B2F03-702E-4359-9BB2-E234F1DC38C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3i:*:*:*:*:*:*",
"matchCriteriaId": "ACAA9494-5248-4B01-8BC1-C38AB615FFD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3j:*:*:*:*:*:*",
"matchCriteriaId": "BF12014B-BF2B-42EF-B70C-59CDA8E2176F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3k:*:*:*:*:*:*",
"matchCriteriaId": "F965D853-EE4A-41F5-840B-2D009ACC9754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3l:*:*:*:*:*:*",
"matchCriteriaId": "BA7B7313-FF53-43C9-AF4D-B639053D3FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3m:*:*:*:*:*:*",
"matchCriteriaId": "9FB5738F-27E4-42C6-BD1B-F7F66A7EF0A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3n:*:*:*:*:*:*",
"matchCriteriaId": "FC3668A6-262B-42BF-9E90-28BAA9BB3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3o:*:*:*:*:*:*",
"matchCriteriaId": "DA4E9185-44BA-41E6-8600-C8616E199334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0.0:b:*:*:*:*:*:*",
"matchCriteriaId": "BC6F088D-0404-4588-9788-7A5903C5BC82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "7A1A402A-9262-4B97-A0B7-E5AE045E394D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "FE44B379-9943-4DD1-8514-26F87482AFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "2A797377-8945-4D75-AA68-A768855E5842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "79D84D76-54BE-49E9-905C-7D65B4B42D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2F8767F7-7C3D-457D-9EAC-E8A30796F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "29AF8474-2D7A-4C5A-82B9-7A873AD90C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "7781A2CA-D927-48CD-9932-AE42B7BA1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "360C1B71-5360-4379-B0DE-63BB8F5E6DA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi contains an out-of-bounds write vulnerability.\u00a0A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.\n\n\n\n\n\n\n\n\n\n\n\n"
},
{
"lang": "es",
"value": "VMware ESXi contiene una vulnerabilidad de escritura fuera de los l\u00edmites. Un actor malicioso con privilegios dentro del proceso VMX puede desencadenar una escritura fuera de los l\u00edmites que conduzca a un escape del entorno limitado."
}
],
"id": "CVE-2024-22254",
"lastModified": "2025-05-07T15:37:28.313",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 5.8,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-05T18:15:48.100",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0006.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-31 18:15
Modified
2024-11-21 05:49
Severity ?
Summary
Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0004.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0004.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | 3.0 | |
| vmware | cloud_foundation | 3.0.1 | |
| vmware | cloud_foundation | 3.0.1.1 | |
| vmware | cloud_foundation | 3.5 | |
| vmware | cloud_foundation | 3.5.1 | |
| vmware | cloud_foundation | 3.7 | |
| vmware | cloud_foundation | 3.7.1 | |
| vmware | cloud_foundation | 3.7.2 | |
| vmware | cloud_foundation | 3.8 | |
| vmware | cloud_foundation | 3.8.1 | |
| vmware | cloud_foundation | 3.9 | |
| vmware | cloud_foundation | 3.9.1 | |
| vmware | cloud_foundation | 3.10 | |
| vmware | cloud_foundation | 4.0 | |
| vmware | cloud_foundation | 4.0.1 | |
| vmware | vrealize_operations_manager | 7.0.0 | |
| vmware | vrealize_operations_manager | 7.5.0 | |
| vmware | vrealize_operations_manager | 8.0.0 | |
| vmware | vrealize_operations_manager | 8.0.1 | |
| vmware | vrealize_operations_manager | 8.1.0 | |
| vmware | vrealize_operations_manager | 8.1.1 | |
| vmware | vrealize_operations_manager | 8.2.0 | |
| vmware | vrealize_operations_manager | 8.3.0 | |
| vmware | vrealize_suite_lifecycle_manager | 8.0 | |
| vmware | vrealize_suite_lifecycle_manager | 8.0.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.1 | |
| vmware | vrealize_suite_lifecycle_manager | 8.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEACD8D-30EF-44FE-839B-DA69E6CED23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36847AD6-88CC-4228-AB4E-5161B381267C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC3C214-DEFC-48D9-8728-31F19095375E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0BF5CF56-8DE1-42F5-9EC1-E5666DD7FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36668618-33C3-460A-879B-A9741405C9D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "8266FD66-3BB6-4720-9D9F-06EFB38FA4B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8D4C25D3-BC49-4727-B7A2-28C0F2E647EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E9AB6FF-D508-42FF-8FB9-24B96AE2F03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "328785AE-390C-4CA2-9771-4A26387E4E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "298B797F-C3B6-445C-AADB-8633B446F10F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F97BA12F-A60D-4398-9CA8-DE2F7BACBA8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E19009EB-02D3-424A-947D-7B66EFCCE422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "89656A51-0840-4A27-B05B-7E54B0CF0521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38EB0C0C-56CF-4A8F-A36F-E0E180B9059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A54544F5-5929-4609-A91C-FCA0FDBFE862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B7985EA2-E167-4BB9-91CA-D57110413B63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC6471F-2FB5-4C7A-9B5D-0B08A8E2C08C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F35204-5A57-4086-B782-77A25471F9EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "536C689B-F40A-4090-B7F9-3D16C6B2A82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:8.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76A32960-1C18-4DA5-A870-C15C432B6CE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4FCFFA39-F7EA-4065-B0B5-A1E2B120EBA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:8.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B612FDA-4210-44FE-9B5C-F678EA2CD6FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_operations_manager:8.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C0256D20-63D3-4DE9-9637-94033F11FC7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3318D91-40AC-4649-8FCD-4557C8F934B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A06C29AB-1EAF-43EF-96C3-9E3468911B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43723EC2-295E-4AF7-B654-70F9E42F4807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB84C30-EE5D-4C15-A74E-7B2B3E0DED4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system."
},
{
"lang": "es",
"value": "La vulnerabilidad de escritura arbitraria de archivos en la API vRealize Operations Manager (CVE-2021-21983) anterior a la versi\u00f3n 8.4, puede permitir que un actor malicioso autenticado con acceso de red para la API vRealize Operations Manager pueda escribir archivos en ubicaciones arbitrarias en el sistema operativo photon subyacente."
}
],
"id": "CVE-2021-21983",
"lastModified": "2024-11-21T05:49:22.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.5,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-31T18:15:14.723",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html"
},
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/162349/VMware-vRealize-Operations-Manager-Server-Side-Request-Forgery-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0004.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-11-23 22:15
Modified
2025-04-02 20:22
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0027.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/724367 | US Government Resource, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0027.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | identity_manager | 3.3.1 | |
| vmware | identity_manager | 3.3.2 | |
| vmware | identity_manager | 3.3.3 | |
| vmware | identity_manager_connector | 3.3.1 | |
| vmware | identity_manager_connector | 3.3.2 | |
| vmware | one_access | 20.01 | |
| vmware | one_access | 20.10 | |
| linux | linux_kernel | - | |
| vmware | identity_manager_connector | 3.3.1 | |
| vmware | identity_manager_connector | 3.3.2 | |
| vmware | identity_manager_connector | 3.3.3 | |
| microsoft | windows | - | |
| vmware | cloud_foundation | 4.0 | |
| vmware | cloud_foundation | 4.0.1 | |
| vmware | vrealize_suite_lifecycle_manager | * |
{
"cisaActionDue": "2022-05-03",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Multiple VMware Products Command Injection Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E7DAA017-7535-47D6-A4C7-59F69ED0F43F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22BC2D96-5922-4995-B006-1BAB5FE51D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97D98937-489B-4AA5-B99E-9AB639C582CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager_connector:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4CFFC72D-0068-49D0-B816-706CC2A2389C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager_connector:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EE9DF6CB-58CF-49BE-B61C-F5115B333E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:one_access:20.01:*:*:*:*:*:*:*",
"matchCriteriaId": "1A251628-E02A-42B2-85E4-71C2B6F09BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:one_access:20.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D86477D5-C441-490C-A9D3-9CDE47542191",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:identity_manager_connector:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4CFFC72D-0068-49D0-B816-706CC2A2389C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager_connector:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EE9DF6CB-58CF-49BE-B61C-F5115B333E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager_connector:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D035B36-3D87-494F-B147-6D03F2B1A375",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "38EB0C0C-56CF-4A8F-A36F-E0E180B9059E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A54544F5-5929-4609-A91C-FCA0FDBFE862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4767C7D-8165-43A6-8F16-12F8EE65FDFB",
"versionEndIncluding": "8.2",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability."
},
{
"lang": "es",
"value": "VMware Workspace One Access, Access Connector, Identity Manager e Identity Manager Connector abordan una vulnerabilidad de inyecci\u00f3n de comandos"
}
],
"id": "CVE-2020-4006",
"lastModified": "2025-04-02T20:22:15.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2020-11-23T22:15:12.663",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource",
"Third Party Advisory"
],
"url": "https://www.kb.cert.org/vuls/id/724367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0027.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-04 23:15
Modified
2024-11-21 06:47
Severity ?
Summary
VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able to view credentials in plaintext within one or more log files.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0003.html | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0003.html | Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEBD9C21-C9E9-45EB-8370-B499C0B9290A",
"versionEndIncluding": "3.10.2.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DD4BE55-532A-4423-B658-4D658BA841AD",
"versionEndIncluding": "4.1.0.1",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able to view credentials in plaintext within one or more log files."
},
{
"lang": "es",
"value": "VMware Cloud Foundation contiene una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n debido al registro de credenciales en texto plano dentro de varios archivos de registro en el SDDC Manager. Un actor malicioso con acceso a root en VMware Cloud Foundation SDDC Manager puede ser capaz de visualizar las credenciales en texto plano dentro de uno o m\u00e1s archivos de registro"
}
],
"id": "CVE-2022-22939",
"lastModified": "2024-11-21T06:47:38.813",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-04T23:15:13.393",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0003.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-13 19:15
Modified
2024-11-21 05:49
Severity ?
Summary
OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-service condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB57C2D7-0571-436F-B41C-D044D0F991B4",
"versionEndExcluding": "3.10.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0F19B24-FF68-4DEA-A514-DEEF99F141F9",
"versionEndExcluding": "4.3",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201908001:*:*:*:*:*:*",
"matchCriteriaId": "7F916A39-13BD-44A7-A9EC-1FD40EBE357C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201910001:*:*:*:*:*:*",
"matchCriteriaId": "4F8219B4-1FC2-4383-83E6-92DF700C72D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-20191004001:*:*:*:*:*:*",
"matchCriteriaId": "C44C9D6A-8BBE-4970-A732-B9F86D42A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911001:*:*:*:*:*:*",
"matchCriteriaId": "427F4ED8-8782-4BDF-A559-11CB8E0A65F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911401:*:*:*:*:*:*",
"matchCriteriaId": "63DDC95E-BBCD-4A68-9AFB-B5F9D206818E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201911402:*:*:*:*:*:*",
"matchCriteriaId": "B27E3424-5D4E-4E5D-8762-7AECBB11FE16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2D217AAB-D45F-480B-8F82-16B261F370D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912002:*:*:*:*:*:*",
"matchCriteriaId": "1B58312B-D72B-4F13-9EF5-0F42CE592757",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912101:*:*:*:*:*:*",
"matchCriteriaId": "8FBB88C2-793A-40F2-AA40-EC315115AE0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912102:*:*:*:*:*:*",
"matchCriteriaId": "21F59801-904B-427F-A1A9-C933E38AB7AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912103:*:*:*:*:*:*",
"matchCriteriaId": "5A3FFDE9-FD36-41F9-AC35-E14BB6AEF7CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912104:*:*:*:*:*:*",
"matchCriteriaId": "D22AFAE1-F817-4037-8EE5-AF04314AAAB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912301:*:*:*:*:*:*",
"matchCriteriaId": "8D4C44D6-73AD-48A3-B5F3-31B1FDC77E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912401:*:*:*:*:*:*",
"matchCriteriaId": "5D1694B2-1CD9-4943-8CFF-38218CDB88F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912402:*:*:*:*:*:*",
"matchCriteriaId": "154B54C8-1D65-4D3E-A64B-CF2D21E71FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912403:*:*:*:*:*:*",
"matchCriteriaId": "D86BCD56-4BD6-4C61-B80E-12E47D12A00F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201912404:*:*:*:*:*:*",
"matchCriteriaId": "6741A159-1D92-4E25-BD43-606DE1138D49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202005001:*:*:*:*:*:*",
"matchCriteriaId": "DCC98C53-EEC1-4CFE-9C31-9F2592723B3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C565246C-896C-4E48-8C24-344C9B0A3057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202007001:*:*:*:*:*:*",
"matchCriteriaId": "8479F377-4F47-433D-867D-A94A4B0E46EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202010001:*:*:*:*:*:*",
"matchCriteriaId": "ECC2468D-6B23-4C7E-951B-DDA8DD17B51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011001:*:*:*:*:*:*",
"matchCriteriaId": "2CB7210B-C9FC-41FA-A258-1F6EC737E9BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202011002:*:*:*:*:*:*",
"matchCriteriaId": "3279299C-37AD-47DF-B22A-20562D13AD80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102001:*:*:*:*:*:*",
"matchCriteriaId": "91032EB0-AC08-459A-8D78-C7412AE64E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102002:*:*:*:*:*:*",
"matchCriteriaId": "7C5987AE-6E37-4470-A192-5E2F1C999F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202102003:*:*:*:*:*:*",
"matchCriteriaId": "F603C437-FC49-4CCA-8A1A-3264CAE794B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201-ug:*:*:*:*:*:*",
"matchCriteriaId": "7264CDC9-FB2D-45A9-9307-C197B1052477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202-ug:*:*:*:*:*:*",
"matchCriteriaId": "D0538570-759A-441A-BC37-556642C090F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203-ug:*:*:*:*:*:*",
"matchCriteriaId": "9CF906E5-A846-49BA-925B-C6059FD02BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204-ug:*:*:*:*:*:*",
"matchCriteriaId": "7D3D0230-53D4-469F-AD46-74F057F6F9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205-ug:*:*:*:*:*:*",
"matchCriteriaId": "8D8E89CE-C919-4CDF-98BE-BA9A126B36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206-ug:*:*:*:*:*:*",
"matchCriteriaId": "73DA1453-4756-4C16-9640-B3B0C6F617DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207-ug:*:*:*:*:*:*",
"matchCriteriaId": "589EE886-6927-4AEA-903C-155C23B1747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BDDFA27-0D99-4D98-B00F-5D038488BAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209-ug:*:*:*:*:*:*",
"matchCriteriaId": "3F931502-8460-4373-92D7-CFD817F4A062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210-ug:*:*:*:*:*:*",
"matchCriteriaId": "287D4E48-4890-46C2-8B9B-1CE484C9D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211-ug:*:*:*:*:*:*",
"matchCriteriaId": "A916EB29-ADE4-4D65-BF8E-98B44E466AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212-ug:*:*:*:*:*:*",
"matchCriteriaId": "BC024B88-DEDD-49E5-B668-5B00C212B6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213-ug:*:*:*:*:*:*",
"matchCriteriaId": "DB9F131B-46BE-44F8-904B-FD0839926B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214-ug:*:*:*:*:*:*",
"matchCriteriaId": "BA2195E5-3BAD-4E90-BE40-A59C0A6A9EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215-ug:*:*:*:*:*:*",
"matchCriteriaId": "1503D3D9-E1A7-41F9-B26D-0AED8ABE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216-ug:*:*:*:*:*:*",
"matchCriteriaId": "7BD28EE0-808D-4A76-B707-F163527608C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217-ug:*:*:*:*:*:*",
"matchCriteriaId": "79225541-575F-44FC-8ED6-24BA6A4128EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218-ug:*:*:*:*:*:*",
"matchCriteriaId": "8A4A62CD-A46B-4612-9DC8-7744E6D5EA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219-ug:*:*:*:*:*:*",
"matchCriteriaId": "D526CE1D-ED76-44EB-9377-53EF7556E254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220-ug:*:*:*:*:*:*",
"matchCriteriaId": "D7E92A1C-40EB-441B-A634-42609527210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221-ug:*:*:*:*:*:*",
"matchCriteriaId": "111A10BE-FC5A-4272-9719-1DED62694A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222-ug:*:*:*:*:*:*",
"matchCriteriaId": "FC65FCFC-CD55-401A-8986-A1DBF544D228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223-ug:*:*:*:*:*:*",
"matchCriteriaId": "EEBD3AEC-284C-44E1-A4CD-010787114737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224-ug:*:*:*:*:*:*",
"matchCriteriaId": "42F87C20-5A00-43C9-A445-50AD716233D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225-ug:*:*:*:*:*:*",
"matchCriteriaId": "C1412AFC-CBE8-4151-B01D-785F11ACAB85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226-ug:*:*:*:*:*:*",
"matchCriteriaId": "6431DD1F-2269-4AFB-B486-9B6373F41C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BA5D0CB-E5B0-4C95-91A7-C662BAE01483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228-ug:*:*:*:*:*:*",
"matchCriteriaId": "A86BDAB4-3924-45A8-9130-517DEA184FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229-ug:*:*:*:*:*:*",
"matchCriteriaId": "A6EAE07B-2849-4E3B-B8D0-F68E6440A9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201911001:*:*:*:*:*:*",
"matchCriteriaId": "2130E67D-7F2A-4D82-BEFD-BA42B6B6FDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*",
"matchCriteriaId": "497F58A2-0A2C-4A59-A73B-31C956EF3CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202010001:*:*:*:*:*:*",
"matchCriteriaId": "18E8632C-E442-4F18-BFE2-96AE5C839F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011001:*:*:*:*:*:*",
"matchCriteriaId": "13D69B99-CB36-45DD-9FD9-C58186998200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011002:*:*:*:*:*:*",
"matchCriteriaId": "EF0BC157-1834-46D8-9BF9-0CE9648C7D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202102001:*:*:*:*:*:*",
"matchCriteriaId": "728136B6-47A7-42BC-9464-7745E4F2B4FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202103001:*:*:*:*:*:*",
"matchCriteriaId": "3967967A-E0A5-45B3-999C-D749A9B0C791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-service condition."
},
{
"lang": "es",
"value": "OpenSLP, tal como se utiliza en ESXi, presenta una vulnerabilidad de denegaci\u00f3n de servicio debido a un problema de lectura fuera de l\u00edmites de la pila. Un actor malicioso con acceso de red al puerto 427 en ESXi puede ser capaz de desencadenar una lectura fuera de l\u00edmites de la pila en el servicio OpenSLP, resultando en una condici\u00f3n de denegaci\u00f3n de servicio"
}
],
"id": "CVE-2021-21995",
"lastModified": "2024-11-21T05:49:24.400",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-13T19:15:09.367",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0014.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-10-07 21:15
Modified
2024-11-21 07:05
Severity ?
Summary
VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0025.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0025.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | 4.4 | |
| vmware | cloud_foundation | 4.4.1 | |
| vmware | cloud_foundation | 4.4.1.1 | |
| vmware | esxi | * | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "288143A7-D64D-465F-8F81-9434C57189CB",
"versionEndExcluding": "4.3.1.1",
"versionStartIncluding": "4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F7B0AA0D-0BE2-40C5-A432-F607EF66829C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C767B9C-CDAC-4651-B696-589726CDD5C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:4.4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E216CBB-8C99-46AA-B195-E16393354D14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D223DD19-0441-4EBD-9F51-5E9012434517",
"versionEndExcluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1e:*:*:*:*:*:*",
"matchCriteriaId": "2E6DE184-35C8-4A13-91D4-4B43E9F0168C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:*",
"matchCriteriaId": "39817170-5C45-4F8A-916D-81B7352055DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
"matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*",
"matchCriteriaId": "C77771B2-BC64-47A5-B6DB-9CBCC4456B67",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host."
},
{
"lang": "es",
"value": "VMware ESXi contiene una vulnerabilidad de deferencia de puntero null. Un actor malicioso con privilegios dentro del proceso VMX solamente, puede crear una condici\u00f3n de negaci\u00f3n de servicio en el host"
}
],
"id": "CVE-2022-31681",
"lastModified": "2024-11-21T07:05:07.027",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-10-07T21:15:11.337",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0025.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0025.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-12-13 16:15
Modified
2025-04-22 16:15
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore) can access plaintext passwords used during that operation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | vcenter_server | 7.0 | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*",
"matchCriteriaId": "CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*",
"matchCriteriaId": "1DD16169-A7DF-4604-888C-156A60018E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*",
"matchCriteriaId": "46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*",
"matchCriteriaId": "D26534EB-327B-4ED6-A3E1-005552CB1F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*",
"matchCriteriaId": "7E51F433-1152-4E94-AF77-970230B1A574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1b:*:*:*:*:*:*",
"matchCriteriaId": "0064D104-E0D8-481A-9029-D3726A1A9CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*",
"matchCriteriaId": "F72A1E9C-F960-4E8C-A46C-B38209E6349E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*",
"matchCriteriaId": "2C33CE46-F529-4EA9-9344-6ED3BFA7019D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*",
"matchCriteriaId": "9F1D8161-0E02-45C9-BF61-14799AB65E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "1F2CB1FF-6118-4875-945D-07BAA3A21FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*",
"matchCriteriaId": "1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*",
"matchCriteriaId": "BDDC6510-3116-4578-80C8-8EF044A8370A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*",
"matchCriteriaId": "8678DB48-CB98-4E4C-ADE6-CABA73265FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*",
"matchCriteriaId": "DBD9A341-1FBF-4E04-848B-550DEB27261A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "4955663C-1BB6-4F3E-9D4B-362DF144B7F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*",
"matchCriteriaId": "CE0F8453-3D6C-4F1C-9167-3F02E3D905DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3f:*:*:*:*:*:*",
"matchCriteriaId": "0EAD4045-A7F9-464F-ABB9-3782941162CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3k:*:*:*:*:*:*",
"matchCriteriaId": "2F0A79C2-33AE-40C5-A853-770A4C691F29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3n:*:*:*:*:*:*",
"matchCriteriaId": "D8BB6CBC-11D6-40A4-ABAF-53AB9BED5A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3p:*:*:*:*:*:*",
"matchCriteriaId": "26A3EC15-8C04-49AD-9045-4D9FADBD50CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3q:*:*:*:*:*:*",
"matchCriteriaId": "AF7E87BB-1B5B-4F13-A70C-B3C6716E7919",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3r:*:*:*:*:*:*",
"matchCriteriaId": "70A9244F-2C9C-4D7D-B384-08DDF95770DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3s:*:*:*:*:*:*",
"matchCriteriaId": "2CBEA4F8-CBA3-4C71-96B3-47489F0D299C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3t:*:*:*:*:*:*",
"matchCriteriaId": "B40B0E23-410D-403D-811B-486EBF406E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*",
"matchCriteriaId": "5241C282-A02B-44B2-B6CA-BA3A99F9737C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*",
"matchCriteriaId": "04A60AC7-C2EA-4DBF-9743-54D708584AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:c:*:*:*:*:*:*",
"matchCriteriaId": "445FA649-B7F4-4AE2-A487-57357AC95241",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*",
"matchCriteriaId": "8A91B0C4-F184-459E-AFD3-DE0E351CC964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*",
"matchCriteriaId": "23253631-2655-48A8-9B00-CB984232329C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*",
"matchCriteriaId": "50C2A9A8-0E66-4702-BCD4-74622108E7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*",
"matchCriteriaId": "EE4D3E2A-C32D-408F-B811-EF8BC86F0D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*",
"matchCriteriaId": "31CA7802-D78D-4BAD-A45A-68B601C010C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*",
"matchCriteriaId": "3B98981B-4721-4752-BAB4-361DB5AEB86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3:*:*:*:*:*:*",
"matchCriteriaId": "04487105-980A-4943-9360-4442BF0411E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3a:*:*:*:*:*:*",
"matchCriteriaId": "24D24E06-EB3F-4F11-849B-E66757B01466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3b:*:*:*:*:*:*",
"matchCriteriaId": "8AF12716-88E2-44B5-ACD7-BCBECA130FB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3f:*:*:*:*:*:*",
"matchCriteriaId": "3352212C-E820-47B3-BDF5-57018F5B9E81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3g:*:*:*:*:*:*",
"matchCriteriaId": "6436ADFD-6B94-4D2A-B09B-CED4EC6CA276",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3j:*:*:*:*:*:*",
"matchCriteriaId": "D06832CE-F946-469D-B495-6735F18D02A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3l:*:*:*:*:*:*",
"matchCriteriaId": "726AC46D-9EA8-4FE8-94B8-0562935458F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3m:*:*:*:*:*:*",
"matchCriteriaId": "0243D22F-1591-4A95-A7FE-2658CEE0C08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3n:*:*:*:*:*:*",
"matchCriteriaId": "02AE5983-CD14-4EAF-9F5C-1281E3DE7F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3o:*:*:*:*:*:*",
"matchCriteriaId": "EFDDF4CA-1C20-430E-A17C-CC2998F8BDDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3p:*:*:*:*:*:*",
"matchCriteriaId": "7D2B0FBA-8E4A-491E-8E22-AAD7DBB5FF5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3q:*:*:*:*:*:*",
"matchCriteriaId": "126B4E78-DCE3-4375-80C9-3679F9BF107C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update3r:*:*:*:*:*:*",
"matchCriteriaId": "5D7808C1-9548-4BAE-8EC5-6C406185757F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*",
"matchCriteriaId": "0EE83406-A3D9-4F75-A1A6-63831CEBEEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*",
"matchCriteriaId": "FB563627-C9CF-4D8A-B882-9AB65EAE9E15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*",
"matchCriteriaId": "DCA03B2A-48B2-48AD-B8EB-9D7BB2016819",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*",
"matchCriteriaId": "A2392D0F-D7A2-4E01-9212-1BA6C895AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6D731C1A-9FE5-461C-97E2-6F45E4CBABE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*",
"matchCriteriaId": "8725E544-2A94-4829-A683-1ECCE57A74A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*",
"matchCriteriaId": "0FC6765A-6584-45A8-9B21-4951D2EA8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "F4CA36C1-732E-41AE-B847-F7411B753F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*",
"matchCriteriaId": "0DA882B6-D811-4E4B-B614-2D48F0B9036E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*",
"matchCriteriaId": "8D30A78E-16D0-4A2E-A2F8-F6073698243E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*",
"matchCriteriaId": "188E103E-9568-4CE0-A984-141B2A9E82D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*",
"matchCriteriaId": "B266439F-E911-4C95-9D27-88DF96DDCCD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "6508A908-EF14-4A72-AC75-5DA6F8B98A0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*",
"matchCriteriaId": "3BAD2012-5C82-4EA9-A780-9BF1DA5A18AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*",
"matchCriteriaId": "58597F18-0B23-4D21-9ABA-D9773958F10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*",
"matchCriteriaId": "ADF46C54-313B-4742-A074-EEA0A6554680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*",
"matchCriteriaId": "9587F800-57BC-44B6-870E-95691684FC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:*",
"matchCriteriaId": "AD148A75-5076-416D-AFD6-0F281DA0A82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:*",
"matchCriteriaId": "956CEA8C-F8C4-41BD-85B4-44FE3A772E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:*",
"matchCriteriaId": "008AEA0F-116B-4AF8-B3A7-3041CCE25235",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22B1BC2E-BF28-4256-AA6C-468023C859EC",
"versionStartIncluding": "3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore) can access plaintext passwords used during that operation."
},
{
"lang": "es",
"value": "vCenter Server contiene una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n debido al registro de credenciales en texto plano. Un actor malintencionado con acceso a una estaci\u00f3n de trabajo que invoc\u00f3 una operaci\u00f3n ISO de vCenter Server Appliance (instalar/actualizar/migrar/restaurar) puede acceder a las contrase\u00f1as de texto plano utilizadas durante esa operaci\u00f3n."
}
],
"id": "CVE-2022-31697",
"lastModified": "2025-04-22T16:15:29.520",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-12-13T16:15:19.790",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0030.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-312"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-01-30 15:15
Modified
2025-05-14 16:45
Severity ?
8.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Summary
VMware Aria Operations for Logs contains an information disclosure vulnerability. A malicious actor with View Only Admin permissions may be able to read the credentials of a VMware product integrated with VMware Aria Operations for Logs
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_operations_for_logs | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7883672C-8E78-4378-9EAB-42A656006A72",
"versionEndExcluding": "8.18.3",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8A0BB4-A21B-4914-8F4B-37D300A4BBB9",
"versionEndIncluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations for Logs contains an information disclosure vulnerability.\u00a0A malicious actor with View Only Admin permissions may be able to read the credentials\u00a0of a VMware product integrated with VMware Aria Operations for Logs"
},
{
"lang": "es",
"value": "VMware Aria Operations for Logs contiene una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n. Un actor malintencionado con permisos de administrador de solo lectura podr\u00eda leer las credenciales de un producto VMware integrado con VMware Aria Operations for Logs"
}
],
"id": "CVE-2025-22218",
"lastModified": "2025-05-14T16:45:25.693",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-30T15:15:18.487",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25329"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-209"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-03-04 12:15
Modified
2025-03-05 16:22
Severity ?
7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Summary
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | esxi | 8.0 | |
| vmware | cloud_foundation | - | |
| vmware | fusion | * | |
| vmware | telco_cloud_infrastructure | 2.2 | |
| vmware | telco_cloud_infrastructure | 2.5 | |
| vmware | telco_cloud_infrastructure | 2.7 | |
| vmware | telco_cloud_infrastructure | 3.0 | |
| vmware | telco_cloud_platform | 2.0 | |
| vmware | telco_cloud_platform | 2.5 | |
| vmware | telco_cloud_platform | 2.7 | |
| vmware | telco_cloud_platform | 3.0 | |
| vmware | telco_cloud_platform | 4.0 | |
| vmware | telco_cloud_platform | 4.0.1 | |
| vmware | telco_cloud_platform | 5.0 | |
| vmware | workstation | * |
{
"cisaActionDue": "2025-03-25",
"cisaExploitAdd": "2025-03-04",
"cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5CBA6B5A-F345-41D1-8AA0-E5F274A2D8FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "F030A666-1955-438B-8417-5C294905399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "A790D41E-B398-4233-9EC7-CF5BE2BC3161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1b:*:*:*:*:*:*",
"matchCriteriaId": "B7619C16-5306-4C4A-88E8-E80876635F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "238E7AF4-722B-423D-ABB1-424286B06715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "1E4DE8C7-72FB-4BEC-AD9E-378786295011",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1e:*:*:*:*:*:*",
"matchCriteriaId": "2E6DE184-35C8-4A13-91D4-4B43E9F0168C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2a:*:*:*:*:*:*",
"matchCriteriaId": "12D385F0-DB2B-4802-AD0E-31441DA056B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "2C202879-9230-4E1D-BAB8-4FB7CE4BBC24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2d:*:*:*:*:*:*",
"matchCriteriaId": "CC6DC107-5142-4155-A33B-D5BE72E9ED38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2e:*:*:*:*:*:*",
"matchCriteriaId": "39817170-5C45-4F8A-916D-81B7352055DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "4ADC3CFF-7415-46A5-817A-2F053B261E8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "A2F831A7-544E-4B45-BA49-7F7A0234579C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3d:*:*:*:*:*:*",
"matchCriteriaId": "80A0DD2E-F1CC-413B-91F9-E3986011A0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3e:*:*:*:*:*:*",
"matchCriteriaId": "C77771B2-BC64-47A5-B6DB-9CBCC4456B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3f:*:*:*:*:*:*",
"matchCriteriaId": "86DE9CE6-F6C0-47D2-B3AB-34852A8B9603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3g:*:*:*:*:*:*",
"matchCriteriaId": "E75B2F03-702E-4359-9BB2-E234F1DC38C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3i:*:*:*:*:*:*",
"matchCriteriaId": "ACAA9494-5248-4B01-8BC1-C38AB615FFD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3j:*:*:*:*:*:*",
"matchCriteriaId": "BF12014B-BF2B-42EF-B70C-59CDA8E2176F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3k:*:*:*:*:*:*",
"matchCriteriaId": "F965D853-EE4A-41F5-840B-2D009ACC9754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3l:*:*:*:*:*:*",
"matchCriteriaId": "BA7B7313-FF53-43C9-AF4D-B639053D3FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3m:*:*:*:*:*:*",
"matchCriteriaId": "9FB5738F-27E4-42C6-BD1B-F7F66A7EF0A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3n:*:*:*:*:*:*",
"matchCriteriaId": "FC3668A6-262B-42BF-9E90-28BAA9BB3347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3o:*:*:*:*:*:*",
"matchCriteriaId": "DA4E9185-44BA-41E6-8600-C8616E199334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3p:*:*:*:*:*:*",
"matchCriteriaId": "F50302BB-B950-4178-A109-358393E0A50A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3q:*:*:*:*:*:*",
"matchCriteriaId": "BCCA4A31-1291-4FB4-9FA5-D2CCD086D660",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3r:*:*:*:*:*:*",
"matchCriteriaId": "78604FE5-510F-4979-B2E3-D36B3083224A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "7A1A402A-9262-4B97-A0B7-E5AE045E394D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:a:*:*:*:*:*:*",
"matchCriteriaId": "FE44B379-9943-4DD1-8514-26F87482AFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:b:*:*:*:*:*:*",
"matchCriteriaId": "2A797377-8945-4D75-AA68-A768855E5842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:c:*:*:*:*:*:*",
"matchCriteriaId": "79D84D76-54BE-49E9-905C-7D65B4B42D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2F8767F7-7C3D-457D-9EAC-E8A30796F751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1a:*:*:*:*:*:*",
"matchCriteriaId": "29AF8474-2D7A-4C5A-82B9-7A873AD90C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1c:*:*:*:*:*:*",
"matchCriteriaId": "7781A2CA-D927-48CD-9932-AE42B7BA1EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_1d:*:*:*:*:*:*",
"matchCriteriaId": "18FD08C9-5895-4BF4-BBE0-C2DDA5F6B836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "360C1B71-5360-4379-B0DE-63BB8F5E6DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2b:*:*:*:*:*:*",
"matchCriteriaId": "B16ED7C1-9881-452A-8BE0-EDDEAEFE3D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_2c:*:*:*:*:*:*",
"matchCriteriaId": "ED92209F-FBD6-43F9-9A15-3842B139FCC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "6B701151-1B57-4E2D-A9AB-586FACEA2385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_3b:*:*:*:*:*:*",
"matchCriteriaId": "4230B9AA-9E0C-4AE2-814D-8DD641394879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:8.0:update_3c:*:*:*:*:*:*",
"matchCriteriaId": "F2FA150B-93E4-44D2-BF6D-347085A95776",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31A7BB38-3238-413E-9736-F1A165D40867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F76F8A7-6184-4A39-9FA5-2337CC9D4CB1",
"versionEndExcluding": "13.6.3",
"versionStartIncluding": "13.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E46A694-8698-4283-9E25-01F222B63E9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "59B9476F-E5E7-46B6-AC38-4630D0933462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_infrastructure:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9A045567-2563-4539-8E95-361087CB7762",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_infrastructure:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D11103A7-6AB5-4E78-BE11-BC2A04A09F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C5F01D7-2675-4D09-B52B-B02D0EF52AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F8D61F-6E8B-4EE3-91DE-EBA6FF7D289E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B1E94D58-26A0-4E84-8CAD-F8CDB6707642",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC33D39A-5760-467E-8284-F4E5D8082BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "448206AA-A023-4AA1-98FD-35BC2A2AB2B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F6E30F8-B977-40A5-9E45-89B5C5E59170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:telco_cloud_platform:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6B84F65-2E52-4445-8F97-2729B84B18E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3124246D-3287-4657-B40D-E7B80A44E7D7",
"versionEndExcluding": "17.6.3",
"versionStartIncluding": "17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi, Workstation, and Fusion contain\u00a0an information disclosure vulnerability due to an out-of-bounds read in HGFS.\u00a0A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process."
},
{
"lang": "es",
"value": "VMware ESXi, Workstation y Fusion contienen una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n debido a una lectura fuera de los l\u00edmites en HGFS. Un actor malintencionado con privilegios administrativos en una m\u00e1quina virtual podr\u00eda aprovechar este problema para filtrar memoria del proceso vmx."
}
],
"id": "CVE-2025-22226",
"lastModified": "2025-03-05T16:22:52.433",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.5,
"impactScore": 4.0,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-03-04T12:15:33.973",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-25 15:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | fusion | * | |
| vmware | workstation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73EF8C75-E92C-440B-A7C9-5E2E4C6A36F9",
"versionEndExcluding": "3.7.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DEC340C-6848-4ABC-8A3E-3E9B80F4B4EC",
"versionEndExcluding": "11.0.2",
"versionStartIncluding": "11.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00FC06EC-9846-491F-9FB6-B79C5276F90D",
"versionEndExcluding": "15.0.2",
"versionStartIncluding": "15.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "FBA15143-734D-4889-8B5A-2445A2DDDD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201701001:*:*:*:*:*:*",
"matchCriteriaId": "04FA10C6-2B0D-47C9-8C4E-1BA98C97DC7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703001:*:*:*:*:*:*",
"matchCriteriaId": "0D2ED442-3F6D-472A-AA98-51D05A65B2E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201703002:*:*:*:*:*:*",
"matchCriteriaId": "2A71EC72-3389-4EC7-8104-2A78F7B8C0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201704001:*:*:*:*:*:*",
"matchCriteriaId": "F948E806-0F73-4145-A723-7A43BA45842B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707101:*:*:*:*:*:*",
"matchCriteriaId": "75FAFF86-C65F-4723-8A63-BACE2F797937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707102:*:*:*:*:*:*",
"matchCriteriaId": "DBC31DE3-ACFE-422F-B253-2FE4AAFE3954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707103:*:*:*:*:*:*",
"matchCriteriaId": "B30B3EA4-495F-4915-B6E3-5FB9277C2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707201:*:*:*:*:*:*",
"matchCriteriaId": "6FA9E337-B4F3-4895-BA58-962F8CDEE73E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707202:*:*:*:*:*:*",
"matchCriteriaId": "830B0BC1-A368-49AC-B6C9-B000972EF92A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707203:*:*:*:*:*:*",
"matchCriteriaId": "614394F3-3BEE-4E12-AABF-436D54A04313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707204:*:*:*:*:*:*",
"matchCriteriaId": "350FD3CE-8B64-4FCF-82DE-BE941156F4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707205:*:*:*:*:*:*",
"matchCriteriaId": "C9EAE177-6C7E-4C1B-ADEE-2C036F731272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707206:*:*:*:*:*:*",
"matchCriteriaId": "DFFEEC31-8462-4DF9-A1DA-D7057C209CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707207:*:*:*:*:*:*",
"matchCriteriaId": "0AC6BC16-0A1D-44B3-BA68-63EA05EDD54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707208:*:*:*:*:*:*",
"matchCriteriaId": "942DAD67-9455-4D02-BD3B-BFD2DE7A7E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707209:*:*:*:*:*:*",
"matchCriteriaId": "7ACC1A72-F6B6-430A-AB89-AB0A11587F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707210:*:*:*:*:*:*",
"matchCriteriaId": "45111C74-BF6F-4C05-A0D3-CE325AD0C02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707211:*:*:*:*:*:*",
"matchCriteriaId": "B1CE5849-01B1-4E36-83E8-496A3F328C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707212:*:*:*:*:*:*",
"matchCriteriaId": "A879BA05-3A80-4EBC-AA9D-9B53695425B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707213:*:*:*:*:*:*",
"matchCriteriaId": "3D65A0E8-A1E0-42F3-B77D-2F32979278BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707214:*:*:*:*:*:*",
"matchCriteriaId": "80C10150-39BA-4818-B48F-8645D4A0D316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707215:*:*:*:*:*:*",
"matchCriteriaId": "9792B986-86EF-40E0-9427-A45F858717E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707216:*:*:*:*:*:*",
"matchCriteriaId": "37EDD688-C91A-4A35-913A-82E156ADD242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707217:*:*:*:*:*:*",
"matchCriteriaId": "5CC1AC0E-8D3F-46C0-BDA9-EB9DC9971F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707218:*:*:*:*:*:*",
"matchCriteriaId": "47DA50DA-7CA4-4B76-8B3B-A5732509F71D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707219:*:*:*:*:*:*",
"matchCriteriaId": "76EB1A04-0645-4909-AEF9-33D6FADA4793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707220:*:*:*:*:*:*",
"matchCriteriaId": "F1A35723-D968-42D6-89EB-86CA550516E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201707221:*:*:*:*:*:*",
"matchCriteriaId": "C3AC8A19-F98E-48F1-A1EA-EAA1C7208335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201710001:*:*:*:*:*:*",
"matchCriteriaId": "2D6A3952-8429-4762-8701-47D7C1F05A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201712001:*:*:*:*:*:*",
"matchCriteriaId": "5B007609-C312-469B-BACF-04D6D80DADF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201803001:*:*:*:*:*:*",
"matchCriteriaId": "514F2ECD-FC55-42A5-BEE4-DA7641CC93A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201806001:*:*:*:*:*:*",
"matchCriteriaId": "3594E391-19CD-4803-8285-FA11BE63AB05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201808001:*:*:*:*:*:*",
"matchCriteriaId": "2CEC248D-502E-4A8D-8786-CD72A2E3AB1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810001:*:*:*:*:*:*",
"matchCriteriaId": "4F08529C-B14C-45FB-AEA1-77D12C88CB30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201810002:*:*:*:*:*:*",
"matchCriteriaId": "617835F5-49DA-4B42-8C7B-C122D7363A00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811001:*:*:*:*:*:*",
"matchCriteriaId": "E7DF3ED7-FA3F-4EBC-99AC-B7AD20E85927",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811002:*:*:*:*:*:*",
"matchCriteriaId": "9ED86C29-2EA6-41DD-ACCB-1E02F9CB747E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201811301:*:*:*:*:*:*",
"matchCriteriaId": "DE1372AD-2853-4BED-BB71-6BACB28B95C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201901001:*:*:*:*:*:*",
"matchCriteriaId": "F0E684DF-9E45-459E-AB75-6B4653E5C7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201903001:*:*:*:*:*:*",
"matchCriteriaId": "B3DDD3E9-186F-472C-BA76-C2A363206792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-201905001:*:*:*:*:*:*",
"matchCriteriaId": "A09E9914-DB27-41EF-B55D-5B79ECD1DA69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory."
},
{
"lang": "es",
"value": "VMware ESXi (versiones 6.7 anteriores a ESXi670-201904101-SG y versiones 6.5 anteriores a ESXi650-201907101-SG), Workstation (versiones 15.x anteriores a 15.0.2) y Fusion (versiones 11.x anteriores a 11.0.2), contiene una vulnerabilidad de desbordamiento de la pila en el adaptador de red virtual vmxnet3. Un actor malicioso con acceso local a una m\u00e1quina virtual con un adaptador de red vmxnet3 presente puede ser capaz de leer informaci\u00f3n privilegiada contenida en la memoria f\u00edsica"
}
],
"id": "CVE-2020-3971",
"lastModified": "2024-11-21T05:32:05.303",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-25T15:15:11.507",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0015.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-16 17:15
Modified
2024-11-21 06:47
Severity ?
Summary
VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0005.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0005.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | nsx_data_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5BAF38C-348A-46F6-A1D4-1625D68EDD5A",
"versionEndIncluding": "3.11",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:nsx_data_center:*:*:*:*:*:vsphere:*:*",
"matchCriteriaId": "8ADD95BF-F916-4109-95DA-9B02236948C9",
"versionEndExcluding": "6.4.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root."
},
{
"lang": "es",
"value": "VMware NSX Edge contiene una vulnerabilidad de inyecci\u00f3n de shell CLI. Un actor malicioso con acceso SSH a un dispositivo NSX-Edge puede ejecutar comandos arbitrarios en el sistema operativo como root"
}
],
"id": "CVE-2022-22945",
"lastModified": "2024-11-21T06:47:39.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-16T17:15:11.733",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0005.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-02-21 05:15
Modified
2025-03-20 20:15
Severity ?
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_operations | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_operations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C91C3D9-96EE-4A38-B722-B629014DC9E5",
"versionEndExcluding": "8.16.0",
"versionStartIncluding": "8.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8A0BB4-A21B-4914-8F4B-37D300A4BBB9",
"versionEndIncluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains a local privilege escalation vulnerability.\u00a0A malicious actor with administrative access to the local system can escalate privileges to \u0027root\u0027."
},
{
"lang": "es",
"value": "VMware Aria Operations contiene una vulnerabilidad de escalada de privilegios local. Un actor malicioso con acceso administrativo al sistema local puede escalar privilegios a \"root\"."
}
],
"id": "CVE-2024-22235",
"lastModified": "2025-03-20T20:15:31.190",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-21T05:15:08.880",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2024-0004.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-20 17:15
Modified
2024-11-21 05:32
Severity ?
Summary
VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server and an update repository may be able to perform a session hijack when the vCenter Server Appliance Management Interface is used to download vCenter updates.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2020-0023.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2020-0023.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 6.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "102115DE-F589-4153-9597-160D82FBAFC7",
"versionEndExcluding": "3.9",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:a:*:*:*:*:*:*",
"matchCriteriaId": "CF7DDB0C-3C07-4B5E-8B8A-0542FEE72877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:b:*:*:*:*:*:*",
"matchCriteriaId": "1DD16169-A7DF-4604-888C-156A60018E32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:c:*:*:*:*:*:*",
"matchCriteriaId": "46FC9F34-C8FA-4AFE-9F4A-7CF9516BD4D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:d:*:*:*:*:*:*",
"matchCriteriaId": "D26534EB-327B-4ED6-A3E1-005552CB1F9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:e:*:*:*:*:*:*",
"matchCriteriaId": "786CDD50-7E18-4437-8DB9-2D0ADECD436E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:f:*:*:*:*:*:*",
"matchCriteriaId": "B2CE8DAE-0E78-4004-983D-1ECD8855EC33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1:*:*:*:*:*:*",
"matchCriteriaId": "7E51F433-1152-4E94-AF77-970230B1A574",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1b:*:*:*:*:*:*",
"matchCriteriaId": "0064D104-E0D8-481A-9029-D3726A1A9CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1c:*:*:*:*:*:*",
"matchCriteriaId": "9B4D3F61-6CD9-411F-A205-EB06A57EBB4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1d:*:*:*:*:*:*",
"matchCriteriaId": "F72A1E9C-F960-4E8C-A46C-B38209E6349E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1e:*:*:*:*:*:*",
"matchCriteriaId": "2C33CE46-F529-4EA9-9344-6ED3BFA7019D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update1g:*:*:*:*:*:*",
"matchCriteriaId": "9F1D8161-0E02-45C9-BF61-14799AB65E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2:*:*:*:*:*:*",
"matchCriteriaId": "1F2CB1FF-6118-4875-945D-07BAA3A21FFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2b:*:*:*:*:*:*",
"matchCriteriaId": "1AEDA28A-5C8E-4E95-A377-3BE530DBEAB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2c:*:*:*:*:*:*",
"matchCriteriaId": "BDDC6510-3116-4578-80C8-8EF044A8370A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2d:*:*:*:*:*:*",
"matchCriteriaId": "8678DB48-CB98-4E4C-ADE6-CABA73265FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update2g:*:*:*:*:*:*",
"matchCriteriaId": "DBD9A341-1FBF-4E04-848B-550DEB27261A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3:*:*:*:*:*:*",
"matchCriteriaId": "4955663C-1BB6-4F3E-9D4B-362DF144B7F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:update3d:*:*:*:*:*:*",
"matchCriteriaId": "CE0F8453-3D6C-4F1C-9167-3F02E3D905DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:a:*:*:*:*:*:*",
"matchCriteriaId": "5241C282-A02B-44B2-B6CA-BA3A99F9737C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:b:*:*:*:*:*:*",
"matchCriteriaId": "04A60AC7-C2EA-4DBF-9743-54D708584AFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:d:*:*:*:*:*:*",
"matchCriteriaId": "8A91B0C4-F184-459E-AFD3-DE0E351CC964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1:*:*:*:*:*:*",
"matchCriteriaId": "23253631-2655-48A8-9B00-CB984232329C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update1b:*:*:*:*:*:*",
"matchCriteriaId": "50C2A9A8-0E66-4702-BCD4-74622108E7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2:*:*:*:*:*:*",
"matchCriteriaId": "EE4D3E2A-C32D-408F-B811-EF8BC86F0D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2a:*:*:*:*:*:*",
"matchCriteriaId": "31CA7802-D78D-4BAD-A45A-68B601C010C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:update2c:*:*:*:*:*:*",
"matchCriteriaId": "3B98981B-4721-4752-BAB4-361DB5AEB86F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server and an update repository may be able to perform a session hijack when the vCenter Server Appliance Management Interface is used to download vCenter updates."
},
{
"lang": "es",
"value": "VMware vCenter Server (versiones 6.7 anteriores a 6.7u3, versiones 6.6 anteriores a 6.5u3k), contiene una vulnerabilidad de secuestro de sesi\u00f3n en la funci\u00f3n de actualizaci\u00f3n de la vCenter Server Appliance Management Interface debido a la falta de comprobaci\u00f3n del certificado.\u0026#xa0;Un actor malicioso con posicionamiento de red entre vCenter Server y un repositorio de actualizaciones puede ser capaz de realizar un secuestro de sesi\u00f3n cuando la vCenter Server Appliance Management Interface es usado para descargar actualizaciones de vCenter"
}
],
"id": "CVE-2020-3994",
"lastModified": "2024-11-21T05:32:07.787",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-20T17:15:12.967",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0023.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-26 12:15
Modified
2025-05-14 16:36
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
6.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Summary
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to views may be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | aria_operations | * | |
| vmware | cloud_foundation | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:aria_operations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13E1C524-50BF-4B3E-9385-935660A1CC14",
"versionEndExcluding": "8.18.2",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC8A0BB4-A21B-4914-8F4B-37D300A4BBB9",
"versionEndIncluding": "5.2",
"versionStartIncluding": "4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Aria Operations contains a stored cross-site scripting vulnerability.\u00a0A malicious actor with editing access to views may be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations."
},
{
"lang": "es",
"value": "VMware Aria Operations contiene una vulnerabilidad de cross-site scripting almacenado. Un actor malintencionado con acceso de edici\u00f3n a las vistas podr\u00eda inyectar secuencias de comandos maliciosas que provoquen cross-site scripting almacenado en el producto VMware Aria Operations."
}
],
"id": "CVE-2024-38832",
"lastModified": "2025-05-14T16:36:53.080",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2,
"source": "security@vmware.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-11-26T12:15:18.697",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25199"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-02-16 17:15
Modified
2024-11-21 05:49
Severity ?
Summary
VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0004.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0004.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | cloud_foundation | * | |
| vmware | fusion | * | |
| vmware | fusion | - | |
| vmware | workstation | * | |
| vmware | esxi | 6.5 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 6.7 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 | |
| vmware | esxi | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28769D3C-0C46-4E6B-A8E2-75A7B64B1D47",
"versionEndExcluding": "3.11",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBED072F-DE79-41C6-AD4F-02E10BD27FBD",
"versionEndExcluding": "4.4",
"versionStartIncluding": "4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6735BF82-477F-498C-90E6-A744DECEEB1E",
"versionEndExcluding": "12.2.1",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:fusion:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9E82547-FA15-4A83-B920-23CE424D3715",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E41B621D-14BE-4B48-B265-57BBC4ADEBF0",
"versionEndExcluding": "16.2.1",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.5:650-202202401:*:*:*:*:*:*",
"matchCriteriaId": "4C47BEFC-1434-4676-A123-359A500F19BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "B2792D06-A73E-4A56-A152-82E1AD4E707D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201806001:*:*:*:*:*:*",
"matchCriteriaId": "0CE9D758-2170-4ACD-965C-C76BDA693466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201807001:*:*:*:*:*:*",
"matchCriteriaId": "FD4A373B-2AC6-4193-9C34-1E4EEB552A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201808001:*:*:*:*:*:*",
"matchCriteriaId": "E75F4E15-2C5F-4667-B8A4-0EE9895FAEC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810001:*:*:*:*:*:*",
"matchCriteriaId": "8B75B45F-E25A-4362-856D-465A9F8B70DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810101:*:*:*:*:*:*",
"matchCriteriaId": "EDA4AE4C-3BA8-472D-950A-3C8684565CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810102:*:*:*:*:*:*",
"matchCriteriaId": "6AA3617D-B911-4BC5-B544-B31D4F43D2B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810103:*:*:*:*:*:*",
"matchCriteriaId": "CDC6E0F6-83DF-4670-8D04-A41C7DC1B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810201:*:*:*:*:*:*",
"matchCriteriaId": "047A71B3-CDFB-41F3-B2DE-11360DAE5744",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810202:*:*:*:*:*:*",
"matchCriteriaId": "F88691FD-F263-4B75-BF21-481BC1623C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810203:*:*:*:*:*:*",
"matchCriteriaId": "D2A47CDA-D3DD-4E0F-8268-32A188EA1D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810204:*:*:*:*:*:*",
"matchCriteriaId": "36A67476-2E8E-4104-9F10-7AE42F82508F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810205:*:*:*:*:*:*",
"matchCriteriaId": "ED029F1A-96D0-4EF2-9148-FC98E8B8FDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810206:*:*:*:*:*:*",
"matchCriteriaId": "E2283675-582F-44A8-833B-B5B439CBFA1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810207:*:*:*:*:*:*",
"matchCriteriaId": "94C4A188-6B00-48C4-B7E2-9F70811BF618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810208:*:*:*:*:*:*",
"matchCriteriaId": "F82943E9-E2D0-49F4-BD32-40E84BA1957E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810209:*:*:*:*:*:*",
"matchCriteriaId": "3ACB68F5-EC73-4C30-8FD3-F6647F9BCCD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810210:*:*:*:*:*:*",
"matchCriteriaId": "B854BA24-11FD-4D0C-9EFD-A88E64FED4E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810211:*:*:*:*:*:*",
"matchCriteriaId": "554434AB-763F-4E95-B616-F7594041D511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810212:*:*:*:*:*:*",
"matchCriteriaId": "CE56E7AC-F63D-4A4B-9B45-0E623973B14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810213:*:*:*:*:*:*",
"matchCriteriaId": "36664142-0111-42F5-A371-AD2C0DF211EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810214:*:*:*:*:*:*",
"matchCriteriaId": "49EA78B6-8208-4351-88F9-103CA01EF3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810215:*:*:*:*:*:*",
"matchCriteriaId": "27AC575F-9AC4-4AA1-A71C-BF9F752295F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810216:*:*:*:*:*:*",
"matchCriteriaId": "4C0F47F3-0509-45AC-8EA9-37246E4E6095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810217:*:*:*:*:*:*",
"matchCriteriaId": "CE103301-6AEF-4348-8F36-833021739AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810218:*:*:*:*:*:*",
"matchCriteriaId": "8D92B2FF-8962-41F9-B019-D83AAAD188FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810219:*:*:*:*:*:*",
"matchCriteriaId": "8E6D5227-3421-412F-9BE0-583AA768446D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810220:*:*:*:*:*:*",
"matchCriteriaId": "BD2F52AF-D7EF-4F57-8F04-B0C6CD3FED63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810221:*:*:*:*:*:*",
"matchCriteriaId": "82BA9EB1-4EFB-4649-92C7-2C307966956E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810222:*:*:*:*:*:*",
"matchCriteriaId": "2133378D-8DFD-48B9-83A1-9FA7DDC68902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810223:*:*:*:*:*:*",
"matchCriteriaId": "57BF8703-0C83-4BA5-B0F7-FB6E45229685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810224:*:*:*:*:*:*",
"matchCriteriaId": "DAADDD62-2F6E-4D12-A49F-3D38ACF488E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810225:*:*:*:*:*:*",
"matchCriteriaId": "B5834F35-6D9A-48E5-BB5C-3A7D6CCE36D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810226:*:*:*:*:*:*",
"matchCriteriaId": "27FA0C0E-B5A2-4619-998B-CFB45496D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810227:*:*:*:*:*:*",
"matchCriteriaId": "B98EDBA4-0BA4-4894-B6F6-681117A5C5C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810228:*:*:*:*:*:*",
"matchCriteriaId": "8E756914-2C2A-4999-AAEA-2F6835A29C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810229:*:*:*:*:*:*",
"matchCriteriaId": "0AC0C89B-26A3-40F7-855F-5F6B36B77F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810230:*:*:*:*:*:*",
"matchCriteriaId": "5BF2FE18-A90E-429A-98D1-9A97DD0464B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810231:*:*:*:*:*:*",
"matchCriteriaId": "92289D85-0652-41D1-A6BA-D4B8C7EE1F45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810232:*:*:*:*:*:*",
"matchCriteriaId": "CF41887D-B145-4D01-9AEF-2E36479B2FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810233:*:*:*:*:*:*",
"matchCriteriaId": "0FEAF0ED-BD20-4BA6-BB23-1C978B823A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201810234:*:*:*:*:*:*",
"matchCriteriaId": "36234CE1-FA7E-4534-9720-410435E2BAEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201811001:*:*:*:*:*:*",
"matchCriteriaId": "ABE65721-57C0-4748-B159-F6D97CE8CAB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901001:*:*:*:*:*:*",
"matchCriteriaId": "CD1889D7-3313-4004-AA42-7879E8551413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901401:*:*:*:*:*:*",
"matchCriteriaId": "494E0B07-CE16-46D4-A89B-4F12A6CECDF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901402:*:*:*:*:*:*",
"matchCriteriaId": "DD046237-16D7-4A57-9F09-2A6A649368C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201901403:*:*:*:*:*:*",
"matchCriteriaId": "8343E8DB-1D54-4B82-9254-2E2AFC548609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201903001:*:*:*:*:*:*",
"matchCriteriaId": "F853B5B8-E8F8-4EA2-90EB-0603F4AADAD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904001:*:*:*:*:*:*",
"matchCriteriaId": "0169E032-F47A-45E0-BC33-B7DF54EC11BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201:*:*:*:*:*:*",
"matchCriteriaId": "B0FCF0BB-9905-415A-8E30-DB96CCC49782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904201-ug:*:*:*:*:*:*",
"matchCriteriaId": "7264CDC9-FB2D-45A9-9307-C197B1052477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202:*:*:*:*:*:*",
"matchCriteriaId": "0C02E0DF-7656-475B-B028-10406DAB30F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904202-ug:*:*:*:*:*:*",
"matchCriteriaId": "D0538570-759A-441A-BC37-556642C090F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203:*:*:*:*:*:*",
"matchCriteriaId": "41340C91-4E96-4578-BB96-6758EBE072E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904203-ug:*:*:*:*:*:*",
"matchCriteriaId": "9CF906E5-A846-49BA-925B-C6059FD02BFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204:*:*:*:*:*:*",
"matchCriteriaId": "FAE29DD3-BFC7-4781-A805-DE379CAB3DD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904204-ug:*:*:*:*:*:*",
"matchCriteriaId": "7D3D0230-53D4-469F-AD46-74F057F6F9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205:*:*:*:*:*:*",
"matchCriteriaId": "322DC091-A4A1-4534-AB5C-0030114A63D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904205-ug:*:*:*:*:*:*",
"matchCriteriaId": "8D8E89CE-C919-4CDF-98BE-BA9A126B36BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206:*:*:*:*:*:*",
"matchCriteriaId": "4B23002D-D157-412F-B2ED-CD4504C79987",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904206-ug:*:*:*:*:*:*",
"matchCriteriaId": "73DA1453-4756-4C16-9640-B3B0C6F617DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207:*:*:*:*:*:*",
"matchCriteriaId": "8A2AE141-7503-4C0B-B0F1-B67A898FDF24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904207-ug:*:*:*:*:*:*",
"matchCriteriaId": "589EE886-6927-4AEA-903C-155C23B1747A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208:*:*:*:*:*:*",
"matchCriteriaId": "4547B798-9F00-4B28-B667-9D38B9E3591B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904208-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BDDFA27-0D99-4D98-B00F-5D038488BAAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209:*:*:*:*:*:*",
"matchCriteriaId": "53129601-DDA4-4BF4-8F63-A88890F2D7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904209-ug:*:*:*:*:*:*",
"matchCriteriaId": "3F931502-8460-4373-92D7-CFD817F4A062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210:*:*:*:*:*:*",
"matchCriteriaId": "B48B12F8-0B49-404E-A6B4-1F6108687C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904210-ug:*:*:*:*:*:*",
"matchCriteriaId": "287D4E48-4890-46C2-8B9B-1CE484C9D30A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211:*:*:*:*:*:*",
"matchCriteriaId": "8CED027A-5B1B-44CC-81DA-AAD00D551C84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904211-ug:*:*:*:*:*:*",
"matchCriteriaId": "A916EB29-ADE4-4D65-BF8E-98B44E466AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212:*:*:*:*:*:*",
"matchCriteriaId": "94F87F69-37DD-4170-ACA0-742EE8CFD00E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904212-ug:*:*:*:*:*:*",
"matchCriteriaId": "BC024B88-DEDD-49E5-B668-5B00C212B6A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213:*:*:*:*:*:*",
"matchCriteriaId": "ACC3D191-BB1B-4875-9A58-1E6D53128062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904213-ug:*:*:*:*:*:*",
"matchCriteriaId": "DB9F131B-46BE-44F8-904B-FD0839926B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214:*:*:*:*:*:*",
"matchCriteriaId": "BD858E05-6FDE-4EDE-95C7-CA16B66BE7F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904214-ug:*:*:*:*:*:*",
"matchCriteriaId": "BA2195E5-3BAD-4E90-BE40-A59C0A6A9EBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215:*:*:*:*:*:*",
"matchCriteriaId": "FFCC4027-ED2E-4993-9C3E-FDEBF94EFF11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904215-ug:*:*:*:*:*:*",
"matchCriteriaId": "1503D3D9-E1A7-41F9-B26D-0AED8ABE6FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216:*:*:*:*:*:*",
"matchCriteriaId": "62772E13-0198-4021-9FB0-59124086B21C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904216-ug:*:*:*:*:*:*",
"matchCriteriaId": "7BD28EE0-808D-4A76-B707-F163527608C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217:*:*:*:*:*:*",
"matchCriteriaId": "C8A565A1-E4F0-4683-9DD6-D3B595A0B2EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904217-ug:*:*:*:*:*:*",
"matchCriteriaId": "79225541-575F-44FC-8ED6-24BA6A4128EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218:*:*:*:*:*:*",
"matchCriteriaId": "7B8868CD-EA52-438C-BFDD-EB41C98BA425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904218-ug:*:*:*:*:*:*",
"matchCriteriaId": "8A4A62CD-A46B-4612-9DC8-7744E6D5EA40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219:*:*:*:*:*:*",
"matchCriteriaId": "2F42557E-2FB2-4902-A6E8-CDDDC5E6CAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904219-ug:*:*:*:*:*:*",
"matchCriteriaId": "D526CE1D-ED76-44EB-9377-53EF7556E254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220:*:*:*:*:*:*",
"matchCriteriaId": "00ECE661-E187-4999-B2CC-CF0EBAE83253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904220-ug:*:*:*:*:*:*",
"matchCriteriaId": "D7E92A1C-40EB-441B-A634-42609527210A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221:*:*:*:*:*:*",
"matchCriteriaId": "6C225598-9636-4095-84FE-DD671F2D6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904221-ug:*:*:*:*:*:*",
"matchCriteriaId": "111A10BE-FC5A-4272-9719-1DED62694A7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222:*:*:*:*:*:*",
"matchCriteriaId": "58C577E8-4B2B-4D91-AFCA-81C7FA04B897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904222-ug:*:*:*:*:*:*",
"matchCriteriaId": "FC65FCFC-CD55-401A-8986-A1DBF544D228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223:*:*:*:*:*:*",
"matchCriteriaId": "B7F8E29D-A3C1-4223-BDC3-CCED7C6FC86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904223-ug:*:*:*:*:*:*",
"matchCriteriaId": "EEBD3AEC-284C-44E1-A4CD-010787114737",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224:*:*:*:*:*:*",
"matchCriteriaId": "41DE747D-30C9-470D-8447-47B8C95311EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904224-ug:*:*:*:*:*:*",
"matchCriteriaId": "42F87C20-5A00-43C9-A445-50AD716233D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225:*:*:*:*:*:*",
"matchCriteriaId": "9D4D1283-BEC0-4FFC-8DC1-812D7A069F6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904225-ug:*:*:*:*:*:*",
"matchCriteriaId": "C1412AFC-CBE8-4151-B01D-785F11ACAB85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226:*:*:*:*:*:*",
"matchCriteriaId": "97F27723-5065-4A57-AF07-F9BD35B9B32C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904226-ug:*:*:*:*:*:*",
"matchCriteriaId": "6431DD1F-2269-4AFB-B486-9B6373F41C57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227:*:*:*:*:*:*",
"matchCriteriaId": "94383F22-6A4B-43A5-BA4D-6D25698DFF00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904227-ug:*:*:*:*:*:*",
"matchCriteriaId": "3BA5D0CB-E5B0-4C95-91A7-C662BAE01483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228:*:*:*:*:*:*",
"matchCriteriaId": "0F27B6FA-DFF5-4A67-BA3A-E34F38DC3D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904228-ug:*:*:*:*:*:*",
"matchCriteriaId": "A86BDAB4-3924-45A8-9130-517DEA184FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229:*:*:*:*:*:*",
"matchCriteriaId": "E58409B9-DCF2-4383-8A39-D7CE0136EFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201904229-ug:*:*:*:*:*:*",
"matchCriteriaId": "A6EAE07B-2849-4E3B-B8D0-F68E6440A9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201905001:*:*:*:*:*:*",
"matchCriteriaId": "00CF4E83-EA1C-4058-8BCC-09B495255F71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201906002:*:*:*:*:*:*",
"matchCriteriaId": "86626D15-8D73-48BA-970B-CE661D5BB59A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908101:*:*:*:*:*:*",
"matchCriteriaId": "2308CED4-314E-4CFE-8B1F-7B6CAA637A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908102:*:*:*:*:*:*",
"matchCriteriaId": "9969057F-BD3A-474E-8A02-087575A8AA92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908103:*:*:*:*:*:*",
"matchCriteriaId": "7111974A-2A88-4209-8CBB-F872993AE4BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908104:*:*:*:*:*:*",
"matchCriteriaId": "35722902-3652-44F1-89C2-08EB51F2A1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908201:*:*:*:*:*:*",
"matchCriteriaId": "E469AC46-D464-4960-8F23-CA59B3DCB7C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908202:*:*:*:*:*:*",
"matchCriteriaId": "9CAD88F2-F1AA-4DDE-9E27-52090E2BD49A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908203:*:*:*:*:*:*",
"matchCriteriaId": "48F3D2BF-3A1D-4C49-94F5-EDB11E57821C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908204:*:*:*:*:*:*",
"matchCriteriaId": "739948F5-E005-49E3-B412-4E035C7D95E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908205:*:*:*:*:*:*",
"matchCriteriaId": "D1828A75-5088-4992-A06B-A58B62536F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908206:*:*:*:*:*:*",
"matchCriteriaId": "58030F5A-82E1-4D54-A8F0-30CAAD4C8402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908207:*:*:*:*:*:*",
"matchCriteriaId": "9A013753-5E40-4CD8-A649-6CD023E0A970",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908208:*:*:*:*:*:*",
"matchCriteriaId": "F554BC79-A92C-4287-9D94-3657C48E36CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908209:*:*:*:*:*:*",
"matchCriteriaId": "F82710D4-3FAB-469F-B15C-F22B4786AE42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908210:*:*:*:*:*:*",
"matchCriteriaId": "BDE7B96D-AD37-406D-AF62-3797E7A55119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908211:*:*:*:*:*:*",
"matchCriteriaId": "A9C294EC-F0BE-44DA-9073-D29D693F0964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908212:*:*:*:*:*:*",
"matchCriteriaId": "E05B6CD2-A581-46C2-AEA7-D8A6028FB466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908213:*:*:*:*:*:*",
"matchCriteriaId": "6CEC1380-E75E-40B5-BDE8-94E12317CCCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908214:*:*:*:*:*:*",
"matchCriteriaId": "C7B7079D-785C-4941-929A-C82B54809728",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908215:*:*:*:*:*:*",
"matchCriteriaId": "A1ADE91B-0682-4EF9-8724-E0AFFF3685C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908216:*:*:*:*:*:*",
"matchCriteriaId": "31F8FFF5-25BD-408D-9089-567AF16BA608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908217:*:*:*:*:*:*",
"matchCriteriaId": "EE834CFD-5533-4989-8836-D0F07ED4919C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908218:*:*:*:*:*:*",
"matchCriteriaId": "092F9149-6B82-48CD-B90C-87DB36881F5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908219:*:*:*:*:*:*",
"matchCriteriaId": "B2EA0EC1-0139-403C-AC9B-08D8530F4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908220:*:*:*:*:*:*",
"matchCriteriaId": "5A3ADB57-5A7D-4B75-903C-FCBE1FAE9AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201908221:*:*:*:*:*:*",
"matchCriteriaId": "755CCD27-3C87-497F-BDBB-48D3163909A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201911001:*:*:*:*:*:*",
"matchCriteriaId": "2130E67D-7F2A-4D82-BEFD-BA42B6B6FDA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912001:*:*:*:*:*:*",
"matchCriteriaId": "2635673A-1F6B-4B8D-9C8D-F2FFB9644373",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912101:*:*:*:*:*:*",
"matchCriteriaId": "9C0DDCAC-576E-48B6-B67E-E74DBF6C5250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912102:*:*:*:*:*:*",
"matchCriteriaId": "1CE71B5C-586B-4829-9A7E-3A008A1C1E35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912401:*:*:*:*:*:*",
"matchCriteriaId": "802A1549-678C-4001-807B-97AD0953B5A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912402:*:*:*:*:*:*",
"matchCriteriaId": "A6024926-4AE4-4609-99DE-E3173A72058A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912403:*:*:*:*:*:*",
"matchCriteriaId": "AB1CAAFF-616A-4455-86CA-0ED553D3D27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912404:*:*:*:*:*:*",
"matchCriteriaId": "7C2C35E2-EDA5-4B0B-895B-09D2EE6A6B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-201912405:*:*:*:*:*:*",
"matchCriteriaId": "13C713B1-AEA0-40B0-829E-4D0A23808577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004001:*:*:*:*:*:*",
"matchCriteriaId": "4C501A11-EF97-4402-9366-E624F1CBEDEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004002:*:*:*:*:*:*",
"matchCriteriaId": "52AE4120-4AAE-4F15-8575-4C480FBF7817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004301:*:*:*:*:*:*",
"matchCriteriaId": "04BAED99-1BF3-4089-B6E6-0BE505E6D846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004401:*:*:*:*:*:*",
"matchCriteriaId": "F318EA34-1EB7-484D-B016-3173683B0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004402:*:*:*:*:*:*",
"matchCriteriaId": "08254171-3483-4796-AD29-8C8A66BEA7A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004403:*:*:*:*:*:*",
"matchCriteriaId": "BB87B220-ED25-4818-8E70-A9663CCEF005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004404:*:*:*:*:*:*",
"matchCriteriaId": "1275D19D-05C0-42F8-8402-647E512DAC72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004405:*:*:*:*:*:*",
"matchCriteriaId": "7D919EB9-F45B-4A4B-9887-7DE98065B766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004406:*:*:*:*:*:*",
"matchCriteriaId": "6CB29FBD-2AD3-49D0-9F49-AE4DD9192C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004407:*:*:*:*:*:*",
"matchCriteriaId": "C2ACA3A8-5B40-45C4-B47F-0DCF04D6700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202004408:*:*:*:*:*:*",
"matchCriteriaId": "92E98665-4919-4D45-88CF-28835DADD6E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202006001:*:*:*:*:*:*",
"matchCriteriaId": "C0A275B7-DBF3-4332-8B5F-C9CAD84229B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202008001:*:*:*:*:*:*",
"matchCriteriaId": "497F58A2-0A2C-4A59-A73B-31C956EF3CD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202010001:*:*:*:*:*:*",
"matchCriteriaId": "18E8632C-E442-4F18-BFE2-96AE5C839F0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011001:*:*:*:*:*:*",
"matchCriteriaId": "13D69B99-CB36-45DD-9FD9-C58186998200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202011002:*:*:*:*:*:*",
"matchCriteriaId": "EF0BC157-1834-46D8-9BF9-0CE9648C7D8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202102001:*:*:*:*:*:*",
"matchCriteriaId": "728136B6-47A7-42BC-9464-7745E4F2B4FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202103001:*:*:*:*:*:*",
"matchCriteriaId": "3967967A-E0A5-45B3-999C-D749A9B0C791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:6.7:670-202111101:*:*:*:*:*:*",
"matchCriteriaId": "644588BB-2A6D-481C-9B2F-756C23B989DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_1:*:*:*:*:*:*",
"matchCriteriaId": "2C8DB7F6-5765-4355-B30E-9CAC39ECA5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_2:*:*:*:*:*:*",
"matchCriteriaId": "D3E3A02D-6C1E-4DE8-B845-60F53C056F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:vmware:esxi:7.0:update_3:*:*:*:*:*:*",
"matchCriteriaId": "4ADC3CFF-7415-46A5-817A-2F053B261E8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host."
},
{
"lang": "es",
"value": "VMware ESXi, Workstation y Fusion contienen una vulnerabilidad de doble b\u00fasqueda en el controlador USB UHCI. Un actor malicioso con privilegios administrativos locales en una m\u00e1quina virtual puede aprovechar este problema para ejecutar c\u00f3digo como el proceso VMX de la m\u00e1quina virtual que es ejecutada en el host"
}
],
"id": "CVE-2021-22041",
"lastModified": "2024-11-21T05:49:29.167",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-16T17:15:10.477",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0004.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-13 18:15
Modified
2024-11-21 06:47
Severity ?
Summary
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2022-0011.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2022-0011.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | identity_manager | 3.3.3 | |
| vmware | identity_manager | 3.3.4 | |
| vmware | identity_manager | 3.3.5 | |
| vmware | identity_manager | 3.3.6 | |
| vmware | vrealize_automation | * | |
| vmware | vrealize_automation | 7.6 | |
| vmware | vrealize_suite_lifecycle_manager | * | |
| vmware | workspace_one_access | 20.10.0.0 | |
| vmware | workspace_one_access | 20.10.0.1 | |
| vmware | workspace_one_access | 21.08.0.0 | |
| vmware | workspace_one_access | 21.08.0.1 | |
| linux | linux_kernel | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "97D98937-489B-4AA5-B99E-9AB639C582CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0E93CB5E-CB4A-474A-9901-2E098928C489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A215A7D-F644-41DE-AB4E-69145DA48F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:identity_manager:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBB8190-2101-4EE5-844E-B46E7FB78FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "370EF5F6-77E2-4EF7-9148-9DA5C52E50F5",
"versionEndExcluding": "9.0",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_automation:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "471BB5AF-3744-45FE-937D-BBEC421035EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vrealize_suite_lifecycle_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC19367B-D2F8-4966-BE2F-12700C9337EC",
"versionEndExcluding": "9.0",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "639F6029-DE62-49BD-A767-C5D499389C37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:20.10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "88AD029C-7707-4F1E-BE7F-2DE27D384538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57375AD7-8042-472F-B49E-653C77EAFA48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:workspace_one_access:21.08.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC3DC465-1FA7-4F5B-9A9A-12F8FB4CE146",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 \u0026 CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote code execution."
},
{
"lang": "es",
"value": "VMware Workspace ONE Access, Identity Manager y vRealize Automation contienen dos vulnerabilidades de ejecuci\u00f3n de c\u00f3digo remota (CVE-2022-22957 y CVE-2022-22958). Un actor malicioso con acceso administrativo puede desencadenar la deserializaci\u00f3n de datos no confiables mediante un URI JDBC malicioso que puede resultar en una ejecuci\u00f3n de c\u00f3digo remota"
}
],
"id": "CVE-2022-22958",
"lastModified": "2024-11-21T06:47:41.140",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-13T18:15:13.230",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0011.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-09-23 13:15
Modified
2024-11-21 05:49
Severity ?
Summary
The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| security@vmware.com | http://packetstormsecurity.com/files/170116/VMware-vCenter-vScalation-Privilege-Escalation.html | Exploit, Third Party Advisory, VDB Entry | |
| security@vmware.com | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/170116/VMware-vCenter-vScalation-Privilege-Escalation.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.vmware.com/security/advisories/VMSA-2021-0020.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| vmware | cloud_foundation | * | |
| vmware | vcenter_server | 6.5 | |
| vmware | vcenter_server | 6.7 | |
| vmware | vcenter_server | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5071E0B4-FE4B-4525-BAF6-3900D9C8D48D",
"versionEndExcluding": "5.0",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "23CFE5A5-A166-4FD5-BE97-5F16DAB1EAE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:6.7:-:*:*:*:*:*:*",
"matchCriteriaId": "E456F84C-A86E-4EA9-9A3E-BEEA662136E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5FA81CCD-A05E-498C-820E-21980E92132F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance."
},
{
"lang": "es",
"value": "vCenter Server contiene m\u00faltiples vulnerabilidades de escalada de privilegios locales debido a permisos inapropiados de archivos y directorios. Un usuario local autenticado con privilegios no administrativos puede explotar estos problemas para elevar sus privilegios a root en vCenter Server Appliance"
}
],
"id": "CVE-2021-22015",
"lastModified": "2024-11-21T05:49:26.590",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-09-23T13:15:07.827",
"references": [
{
"source": "security@vmware.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/170116/VMware-vCenter-vScalation-Privilege-Escalation.html"
},
{
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/170116/VMware-vCenter-vScalation-Privilege-Escalation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0020.html"
}
],
"sourceIdentifier": "security@vmware.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-552"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}