Cloud_foundation - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Cloud_foundation
(Vmware)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	121

Date	Id	Summary	Products	Score	Patch	Annotated
2024-05-21	CVE-2024-22274	The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system.	Cloud_foundation, Vcenter_server	N/A
2024-05-21	CVE-2024-22275	The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data.	Cloud_foundation, Vcenter_server	N/A
2024-06-25	CVE-2024-37086	VMware ESXi contains an out-of-bounds read vulnerability. A malicious actor with local administrative privileges on a virtual machine with an existing snapshot may trigger an out-of-bounds read leading to a denial-of-service condition of the host.	Cloud_foundation, Esxi	N/A
2024-06-25	CVE-2024-37087	The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may create a denial-of-service condition.	Cloud_foundation, Vcenter_server	N/A
2024-01-16	CVE-2023-34063	Aria Automation contains a Missing Access Control vulnerability. An authenticated malicious actor may exploit this vulnerability leading to unauthorized access to remote organizations and workflows.	Aria_automation, Cloud_foundation	8.3
2024-06-18	CVE-2024-37081	The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance.	Cloud_foundation, Vcenter_server	N/A
2025-05-20	CVE-2025-41231	VMware Cloud Foundation contains a missing authorisation vulnerability. A malicious actor with access to VMware Cloud Foundation appliance may be able to perform certain unauthorised actions and access limited sensitive information.	Cloud_foundation	N/A
2024-11-26	CVE-2024-38830	VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations.	Aria_operations, Cloud_foundation	7.8
2024-11-26	CVE-2024-38831	VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to a root user on the appliance running VMware Aria Operations.	Aria_operations, Cloud_foundation	7.8