Vulnerabilities > Vmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-20 CVE-2023-34046 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in VMWare Fusion 13.0.0/13.0.1/13.0.2
VMware Fusion(13.x prior to 13.5) contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during installation for the first time (the user needs to drag or copy the application to a folder from the '.dmg' volume) or when installing an upgrade. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed or being installed for the first time.
local
high complexity
vmware CWE-367
7.0
2023-10-20 CVE-2023-34052 Deserialization of Untrusted Data vulnerability in VMWare Aria Operations for Logs
VMware Aria Operations for Logs contains a deserialization vulnerability. A malicious actor with non-administrative access to the local system can trigger the deserialization of data which could result in authentication bypass.
local
low complexity
vmware CWE-502
7.8
2023-08-31 CVE-2023-20900 Authentication Bypass by Capture-replay vulnerability in multiple products
A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html  in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .
7.5
2023-08-29 CVE-2023-20890 Path Traversal vulnerability in VMWare Aria Operations for Networks
Aria Operations for Networks contains an arbitrary file write vulnerability. An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution.
network
low complexity
vmware CWE-22
7.2
2023-08-24 CVE-2023-34040 Deserialization of Untrusted Data vulnerability in VMWare Spring for Apache Kafka
In Spring for Apache Kafka 3.0.9 and earlier and versions 2.9.10 and earlier, a possible deserialization attack vector existed, but only if unusual configuration was applied.
local
low complexity
vmware CWE-502
7.8
2023-07-06 CVE-2023-20899 Missing Authorization vulnerability in VMWare Sd-Wan Edge Firmware 4.5.0
VMware SD-WAN (Edge) contains a bypass authentication vulnerability.
network
low complexity
vmware CWE-862
7.5
2023-06-22 CVE-2023-20896 Out-of-bounds Read vulnerability in VMWare Vcenter Server
The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted packet leading to denial-of-service of certain services (vmcad, vmdird, and vmafdd).
network
low complexity
vmware CWE-125
7.5
2023-06-07 CVE-2023-20888 Deserialization of Untrusted Data vulnerability in VMWare Vrealize Network Insight
Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution.
network
low complexity
vmware CWE-502
8.8
2023-06-07 CVE-2023-20889 Command Injection vulnerability in VMWare Vrealize Network Insight
Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure.
network
low complexity
vmware CWE-77
7.5
2023-05-26 CVE-2023-20883 Resource Exhaustion vulnerability in VMWare Spring Boot
In Spring Boot versions 3.0.0 - 3.0.6, 2.7.0 - 2.7.11, 2.6.0 - 2.6.14, 2.5.0 - 2.5.14 and older unsupported versions, there is potential for a denial-of-service (DoS) attack if Spring MVC is used together with a reverse proxy cache.
network
low complexity
vmware CWE-400
7.5