Element Plug IN FOR Vcenter Server

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-07	CVE-2022-2047	Improper Input Validation vulnerability in multiple products In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. network low complexity eclipse debian netapp CWE-20	2.7
2022-07-07	CVE-2022-2048	In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. network low complexity eclipse debian netapp jenkins	7.5
2021-07-15	CVE-2021-34429	For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. network low complexity eclipse netapp oracle	5.3
2021-06-22	CVE-2021-34428	Insufficient Session Expiration vulnerability in multiple products For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID manager. low complexity eclipse debian netapp oracle CWE-613	3.5
2021-04-01	CVE-2021-28164	In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF directory. network low complexity eclipse netapp oracle	5.3
2021-04-01	CVE-2021-28163	Link Following vulnerability in multiple products In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a static webapp, inadvertently serving the webapps themselves and anything else that might be in that directory. network low complexity eclipse fedoraproject apache netapp oracle CWE-59	2.7
2021-03-15	CVE-2021-26987	Element Plug-in for vCenter Server incorporates SpringBoot Framework. network low complexity vmware netapp	7.5
2021-02-26	CVE-2020-27223	Resource Exhaustion vulnerability in multiple products In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. network low complexity eclipse apache netapp debian oracle CWE-400	5.3
2019-04-29	CVE-2019-5492	Unspecified vulnerability in Netapp products Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. network low complexity netapp	5.0