Vmware Vcenter Orchestrator vulnerabilities
2 known vulnerabilities affecting vmware/vcenter_orchestrator.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2015-6934HIGHCVSS 7.3v5.5v5.5.1+2 more2015-12-21
CVE-2015-6934 [HIGH] CWE-20 CVE-2015-6934: Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize
Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager (vADM) 7.x allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
nvd
CVE-2012-1513MEDIUMCVSS 4.0v4.0v4.12012-03-16
CVE-2012-1513 [MEDIUM] CWE-200 CVE-2012-1513: The Web Configuration tool in VMware vCenter Orchestrator (vCO) 4.0 before Update 4, 4.1 before Upda
The Web Configuration tool in VMware vCenter Orchestrator (vCO) 4.0 before Update 4, 4.1 before Update 2, and 4.2 before Update 1 places the vCenter Server password in an HTML document, which allows remote authenticated administrators to obtain sensitive information by reading this document.
nvd