Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Vcenter_server_appliance
(Vmware)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 14 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-07-17 | CVE-2014-4241 | Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect integrity via vectors related to WLS - Web Services. | Fusion_middleware, Esxi, Vcenter_server, Vcenter_server_appliance | N/A | ||
| 2014-12-08 | CVE-2014-3797 | Cross-site scripting (XSS) vulnerability in VMware vCenter Server Appliance (vCSA) 5.1 before Update 3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Vcenter_server_appliance | N/A | ||
| 2014-06-01 | CVE-2014-3790 | Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows remote authenticated users to execute arbitrary commands as root by escaping from a chroot jail. | Vcenter_server_appliance | N/A | ||
| 2013-05-01 | CVE-2013-3107 | VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass authentication by providing a valid username in conjunction with an empty password. | Vcenter_server_appliance | N/A | ||
| 2013-05-01 | CVE-2013-3080 | VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to create or overwrite arbitrary files, and consequently execute arbitrary code or cause a denial of service, by leveraging Virtual Appliance Management Interface (VAMI) web-interface access. | Vcenter_server_appliance | N/A | ||
| 2013-05-01 | CVE-2013-3079 | VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to execute arbitrary programs with root privileges by leveraging Virtual Appliance Management Interface (VAMI) access. | Vcenter_server_appliance | N/A | ||
| 2013-02-22 | CVE-2013-1659 | VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream. | Esxi, Vcenter_server, Vcenter_server_appliance | N/A | ||
| 2013-02-22 | CVE-2012-6326 | VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote attackers to cause a denial of service (disk consumption) via vectors that trigger large log entries. | Vcenter_server, Vcenter_server_appliance | N/A | ||
| 2012-12-21 | CVE-2012-6325 | VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors. | Vcenter_server_appliance | N/A | ||
| 2012-12-21 | CVE-2012-6324 | Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vectors. | Vcenter_server_appliance | N/A |