Vmware Vcenter Server vulnerabilities

CVE-2021-22016 [MEDIUM] CWE-79 CVE-2021-22016: The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sa The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link.

CVE-2021-22011 [MEDIUM] CVE-2021-22011: vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Libr vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation.

CVE-2021-21991 [HIGH] CVE-2021-21991: The vCenter Server contains a local privilege escalation vulnerability due to the way it handles ses The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash).

CVE-2021-21992 [MEDIUM] CVE-2021-21992: The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. A The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. A malicious actor with non-administrative user access to the vCenter Server vSphere Client (HTML5) or vCenter Server vSphere Web Client (FLEX/Flash) may exploit this issue to create a denial-of-service condition on the vCenter Server host.

CVE-2021-21985 [CRITICAL] CWE-918 CVE-2021-21985: The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input valid The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system

CVE-2021-21986 [CRITICAL] CWE-306 CVE-2021-21986: The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Vi The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Server may perform actions allowed by the impacted plug-ins without authe

CVE-2021-21972 [CRITICAL] CWE-22 CVE-2021-21972: The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects VMware vCenter Server (7.x before 7.0 U1c, 6.7 befo

CVE-2021-21973 [MEDIUM] CWE-918 CVE-2021-21973: The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to impro The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information disclosure. This affects: VMware vCenter Server (7.x

CVE-2020-3994 [HIGH] CWE-295 CVE-2020-3994: VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server and an update repository may be able to perform a session hijack when the vCente

CVE-2020-3976 [MEDIUM] CWE-400 CVE-2020-3976: VMware ESXi and vCenter Server contain a partial denial of service vulnerability in their respective VMware ESXi and vCenter Server contain a partial denial of service vulnerability in their respective authentication services. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.

CVE-2020-3952 [CRITICAL] CWE-306 CVE-2020-3952: Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or ext Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls.

CVE-2019-5538 [MEDIUM] CWE-295 CVE-2019-5538: Sensitive information disclosure vulnerability resulting from a lack of certificate validation durin Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance (6.7 before 6.7u3a and 6.5 before 6.5u3d) may allow a malicious actor to intercept sensitive data in transit over SCP. A malicious actor with man-in-the-middle positioning

CVE-2019-5537 [MEDIUM] CWE-295 CVE-2019-5537: Sensitive information disclosure vulnerability resulting from a lack of certificate validation durin Sensitive information disclosure vulnerability resulting from a lack of certificate validation during the File-Based Backup and Restore operations of VMware vCenter Server Appliance (6.7 before 6.7u3a and 6.5 before 6.5u3d) may allow a malicious actor to intercept sensitive data in transit over FTPS and HTTPS. A malicious actor with man-in-the-middle

CVE-2019-5532 [HIGH] CWE-532 CVE-2019-5532: VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability due to the logging of credentials in plain-text for virtual machines deployed through OVF. A malicious user with access to the log files containing vCenter OVF-properties of a virtual machine deployed from an OVF m

CVE-2019-5534 [HIGH] CWE-200 CVE-2019-5534: VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and 6.0 prior to 6.0 U3j) contains an information disclosure vulnerability where Virtual Machines deployed from an OVF could expose login information via the virtual machine's vAppConfig properties. A malicious actor with access to query the vAppConfig properties of a virtual machine depl

CVE-2019-5531 [MEDIUM] CWE-613 CVE-2019-5531: VMware vSphere ESXi (6.7 prior to ESXi670-201810101-SG, 6.5 prior to ESXi650-201811102-SG, and 6.0 p VMware vSphere ESXi (6.7 prior to ESXi670-201810101-SG, 6.5 prior to ESXi650-201811102-SG, and 6.0 prior to ESXi600-201807103-SG) and VMware vCenter Server (6.7 prior to 6.7 U1b, 6.5 prior to 6.5 U2b, and 6.0 prior to 6.0 U3j) contain an information disclosure vulnerability in clients arising from insufficient session expiration. An attacker with phys

CVE-2017-4943 [HIGH] CWE-787 CVE-2017-4943: VMware vCenter Server Appliance (vCSA) (6.5 before 6.5 U1d) contains a local privilege escalation vu VMware vCenter Server Appliance (vCSA) (6.5 before 6.5 U1d) contains a local privilege escalation vulnerability via the 'showlog' plugin. Successful exploitation of this issue could result in a low privileged user gaining root level privileges over the appliance base OS.

CVE-2017-4927 [HIGH] CWE-90 CVE-2017-4927: VMware vCenter Server (6.5 prior to 6.5 U1 and 6.0 prior to 6.0 U3c) does not correctly handle speci VMware vCenter Server (6.5 prior to 6.5 U1 and 6.0 prior to 6.0 U3c) does not correctly handle specially crafted LDAP network packets which may allow for remote denial of service.

CVE-2017-4928 [HIGH] CWE-352 CVE-2017-4928: The flash-based vSphere Web Client (6.0 prior to 6.0 U3c and 5.5 prior to 5.5 U3f) i.e. not the new The flash-based vSphere Web Client (6.0 prior to 6.0 U3c and 5.5 prior to 5.5 U3f) i.e. not the new HTML5-based vSphere Client, contains SSRF and CRLF injection issues due to improper neutralization of URLs. An attacker may exploit these issues by sending a POST request with modified headers towards internal services leading to information disclosure.

CVE-2017-4926 [MEDIUM] CWE-79 CVE-2017-4926: VMware vCenter Server (6.5 prior to 6.5 U1) contains a vulnerability that may allow for stored cross VMware vCenter Server (6.5 prior to 6.5 U1) contains a vulnerability that may allow for stored cross-site scripting (XSS). An attacker with VC user privileges can inject malicious java-scripts which will get executed when other VC users access the page.