Vulnerabilities > Vmware > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-23 | CVE-2021-21993 | Server-Side Request Forgery (SSRF) vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. | 4.0 |
2021-09-23 | CVE-2021-22006 | Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. | 5.0 |
2021-09-23 | CVE-2021-22008 | Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service. | 5.0 |
2021-09-23 | CVE-2021-22009 | Exposure of Resource to Wrong Sphere vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains multiple denial-of-service vulnerabilities in VAPI (vCenter API) service. | 5.0 |
2021-09-23 | CVE-2021-22010 | Resource Exhaustion vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains a denial-of-service vulnerability in VPXD service. | 5.0 |
2021-09-23 | CVE-2021-22011 | Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. | 5.0 |
2021-09-23 | CVE-2021-22012 | Missing Authentication for Critical Function vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains an information disclosure vulnerability due to an unauthenticated appliance management API. | 5.0 |
2021-09-23 | CVE-2021-22013 | Path Traversal vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. | 5.0 |
2021-09-22 | CVE-2021-21991 | Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. | 4.6 |
2021-09-22 | CVE-2021-21992 | Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing. | 6.8 |