Product:

Cloud_foundation

(Vmware)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 121
Date Id Summary Products Score Patch Annotated
2022-12-13 CVE-2022-31698 The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header. Cloud_foundation, Vcenter_server 5.3
2022-12-13 CVE-2022-31699 VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure. Cloud_foundation, Esxi 3.3
2022-12-14 CVE-2022-31700 VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2. Access, Cloud_foundation, Identity_manager 7.2
2022-12-14 CVE-2022-31701 VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3. Access, Cloud_foundation, Identity_manager_connector 5.3
2023-09-27 CVE-2023-34043 VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. Aria_operations, Cloud_foundation 6.7
2019-10-18 CVE-2019-16919 Harbor API has a Broken Access Control vulnerability. The vulnerability allows project administrators to use the Harbor API to create a robot account with unauthorized push and/or pull access permissions to a project they don't have access or control for. The Harbor API did not enforce the proper project permissions and project scope on the API request to create a new robot account. Harbor, Cloud_foundation, Harbor_container_registry N/A