VMware vCenter Server vulnerabilities
4 known vulnerabilities affecting vmware/vmware_vcenter_server.
Total CVEs: 4
CISA KEV: 1 (actively exploited)
Public exploits: 1
Exploited in wild: 1
Severity breakdown: CRITICAL 2, MEDIUM 2
Vulnerabilities
CVE-2023-34048 | CRITICAL | CVSS 9.8 | CWE-787 | KEV | PoC | ≥ 8.0, < 8.0U2; ≥ 7.0, < 7.0U3o | 2023-10-25
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.
Sources: cvelistv5, nvd
CVE-2023-34056 | MEDIUM | CVSS 4.3 | CWE-922 | ≥ 8.0, < 8.0U2; ≥ 7.0, < 7.0U3o | 2023-10-25
vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data.
Sources: cvelistv5, nvd
CVE-2019-5531 | MEDIUM | CVSS 5.4 | CWE-613 | 6.7 prior to 6.7 U1b; 6.5 prior to 6.5 U2b; +1 more | 2019-09-18
VMware vSphere ESXi (6.7 prior to ESXi670-201810101-SG, 6.5 prior to ESXi650-201811102-SG, and 6.0 prior to ESXi600-201807103-SG) and VMware vCenter Server (6.7 prior to 6.7 U1b, 6.5 prior to 6.5 U2b, and 6.0 prior to 6.0 U3j) contain an information disclosure vulnerability in clients arising from insufficient session expiration. An attacker with phys
Sources: cvelistv5, nvd
CVE-2017-4919 | CRITICAL | CVSS 9.0 | CWE-306 | VMware vCenter Server 5.5.x, 6.0.x, 6.5.x | 2017-07-28
VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate.
Sources: cvelistv5, nvd