Cloud Foundation
Monthly
Privilege escalation in VMware Aria Operations allows authenticated users with vCenter access to escalate their privileges to administrative level within Aria Operations. The vulnerability affects multiple Broadcom products including Telco Cloud Platform, Aria Operations, and Cloud Foundation, requiring administrative intervention but no user interaction to exploit. Patches are available through VMSA-2026-0001.
Stored XSS in VMware Aria Operations allows authenticated users with benchmark creation privileges to inject malicious scripts and execute arbitrary administrative actions within the platform. This vulnerability affects VMware, Broadcom, and Telco Cloud Infrastructure products with a CVSS score of 8.0, requiring user interaction to trigger the attack. Patches are available through VMSA-2026-0001.
VMware Aria Operations contains a command injection vulnerability (CVE-2026-22719, CVSS 8.1) that allows unauthenticated remote attackers to execute arbitrary commands during support-assisted product migration. KEV-listed with patches available, this vulnerability targets the infrastructure monitoring platform that has visibility into the entire virtualized environment.
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.
VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation.
VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation.
VMware NSX Manager UI is vulnerable to stored cross-site scripting (XSS) attacks via improper input validation in user-controllable fields (CWE-79). An authenticated attacker with high privileges can inject malicious scripts that persist in the application and execute in the browsers of other users, potentially leading to session hijacking, credential theft, or unauthorized administrative actions. With a CVSS score of 7.5 and network-accessible attack vector, this vulnerability poses a moderate-to-high risk to NSX Manager deployments, particularly in multi-user environments.
VMware Cloud Foundation contains a missing authorisation vulnerability. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability via HGFS out-of-bounds read, allowing VM administrators to leak memory from the VMX process on the host.
VMware ESXi contains an arbitrary write vulnerability that allows privileged VMX process users to trigger kernel writes, enabling escape from the VMX sandbox to the ESXi kernel.
VMware ESXi and Workstation contain a TOCTOU race condition leading to out-of-bounds write, allowing local administrators on VMs to escape the sandbox and execute code as the VMX process on the host.
VMware Aria Operations contains an information disclosure vulnerability. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operation for Logs contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations for Logs contains a privilege escalation vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations for Logs contains an information disclosure vulnerability. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.
VMware Aria Operations contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations contains a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
VMware Aria Operations contains a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
The vCenter Server contains a privilege escalation vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware Aria Automation does not apply correct input validation which allows for SQL-injection in the product. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The vCenter Server contains a denial-of-service vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware ESXi contains an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
The vCenter Server contains a partial file read vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The vCenter Server contains an authenticated remote code execution vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
VMware ESXi contains an out-of-bounds write vulnerability. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
VMware Aria Operations contains a local privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
VMware Aria Operations contains a local privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.
VMware Aria Operations contains a privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
VMware Aria Operations contains a Local privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
VMware Aria Operations contains a deserialization vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations contains a privilege escalation vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations for Logs contains a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations for Logs contains a deserialization vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware ESXi contains a heap-overflow vulnerability. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
The vCenter Server contains a denial-of-service vulnerability in the content library service. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware ESXi contains a null-pointer deference vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
The vCenter Server contains a server-side request forgery (SSRF) vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.
The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
The vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.
The vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The vCenter Server contains a denial-of-service vulnerability in VPXD service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.
The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The vCenter Server contains a local information disclosure vulnerability in the Analytics service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.
The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.
VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.
The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.
The vRealize Operations Manager API (8.x prior to 8.5) contains a broken access control vulnerability leading to unauthenticated API access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.
The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Privilege escalation in VMware Aria Operations allows authenticated users with vCenter access to escalate their privileges to administrative level within Aria Operations. The vulnerability affects multiple Broadcom products including Telco Cloud Platform, Aria Operations, and Cloud Foundation, requiring administrative intervention but no user interaction to exploit. Patches are available through VMSA-2026-0001.
Stored XSS in VMware Aria Operations allows authenticated users with benchmark creation privileges to inject malicious scripts and execute arbitrary administrative actions within the platform. This vulnerability affects VMware, Broadcom, and Telco Cloud Infrastructure products with a CVSS score of 8.0, requiring user interaction to trigger the attack. Patches are available through VMSA-2026-0001.
VMware Aria Operations contains a command injection vulnerability (CVE-2026-22719, CVSS 8.1) that allows unauthenticated remote attackers to execute arbitrary commands during support-assisted product migration. KEV-listed with patches available, this vulnerability targets the infrastructure monitoring platform that has visibility into the entire virtualized environment.
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.
VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation.
VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation.
VMware NSX Manager UI is vulnerable to stored cross-site scripting (XSS) attacks via improper input validation in user-controllable fields (CWE-79). An authenticated attacker with high privileges can inject malicious scripts that persist in the application and execute in the browsers of other users, potentially leading to session hijacking, credential theft, or unauthorized administrative actions. With a CVSS score of 7.5 and network-accessible attack vector, this vulnerability poses a moderate-to-high risk to NSX Manager deployments, particularly in multi-user environments.
VMware Cloud Foundation contains a missing authorisation vulnerability. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability via HGFS out-of-bounds read, allowing VM administrators to leak memory from the VMX process on the host.
VMware ESXi contains an arbitrary write vulnerability that allows privileged VMX process users to trigger kernel writes, enabling escape from the VMX sandbox to the ESXi kernel.
VMware ESXi and Workstation contain a TOCTOU race condition leading to out-of-bounds write, allowing local administrators on VMs to escape the sandbox and execute code as the VMX process on the host.
VMware Aria Operations contains an information disclosure vulnerability. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operation for Logs contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations for Logs contains a privilege escalation vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations for Logs contains an information disclosure vulnerability. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.
VMware Aria Operations contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations contains a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
VMware Aria Operations contains a local privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
The vCenter Server contains a privilege escalation vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware Aria Automation does not apply correct input validation which allows for SQL-injection in the product. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The vCenter Server contains a denial-of-service vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware ESXi contains an out-of-bounds read vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
The vCenter Server contains a partial file read vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The vCenter Server contains an authenticated remote code execution vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
VMware ESXi contains an out-of-bounds write vulnerability. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
VMware Aria Operations contains a local privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
VMware Aria Operations contains a local privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.
VMware Aria Operations contains a privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
VMware Aria Operations contains a Local privilege escalation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.
VMware Aria Operations contains a deserialization vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations contains a privilege escalation vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations for Logs contains a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware Aria Operations for Logs contains a deserialization vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
VMware ESXi contains a heap-overflow vulnerability. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
The vCenter Server contains a denial-of-service vulnerability in the content library service. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware ESXi contains a null-pointer deference vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.
The vCenter Server contains a server-side request forgery (SSRF) vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.
The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
The vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.
The vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.
vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The vCenter Server contains a denial-of-service vulnerability in VPXD service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.
The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.
The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The vCenter Server contains a local information disclosure vulnerability in the Analytics service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.
The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.
VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.
The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in an end point. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Server-Side Request Forgery (SSRF) vulnerability could allow attackers to make the server perform requests to unintended internal or external resources.
The vRealize Operations Manager API (8.x prior to 8.5) contains a broken access control vulnerability leading to unauthenticated API access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.
The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary log-file read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.