Vulnerabilities > Vmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-09-23 CVE-2021-22020 Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server
The vCenter Server contains a denial-of-service vulnerability in the Analytics service.
local
low complexity
vmware
5.5
5.5
2021-09-23 CVE-2021-21993 Server-Side Request Forgery (SSRF) vulnerability in VMWare Cloud Foundation and Vcenter Server
The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library.
network
low complexity
vmware CWE-918
6.5
6.5
2021-09-23 CVE-2021-22007 Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server
The vCenter Server contains a local information disclosure vulnerability in the Analytics service.
local
low complexity
vmware
5.5
5.5
2021-09-23 CVE-2021-22011 Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server
vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library.
network
low complexity
vmware
5.3
5.3
2021-09-22 CVE-2021-21992 Unspecified vulnerability in VMWare Vcenter Server 6.5/6.7/7.0
The vCenter Server contains a denial-of-service vulnerability due to improper XML entity parsing.
network
low complexity
vmware
6.5
6.5
2021-08-30 CVE-2021-22021 Cross-site Scripting vulnerability in VMWare Cloud Foundation and Vrealize LOG Insight
VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation.
network
low complexity
vmware CWE-79
5.4
5.4
2021-08-30 CVE-2021-22022 Path Traversal vulnerability in VMWare products
The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary file read vulnerability.
network
low complexity
vmware CWE-22
4.9
4.9
2021-06-28 CVE-2021-32719 Cross-site Scripting vulnerability in VMWare Rabbitmq
RabbitMQ is a multi-protocol messaging broker.
network
low complexity
vmware CWE-79
4.8
4.8
2021-06-28 CVE-2021-32718 Cross-site Scripting vulnerability in VMWare Rabbitmq
RabbitMQ is a multi-protocol messaging broker.
network
low complexity
vmware CWE-79
5.4
5.4
2021-06-18 CVE-2021-21997 Unspecified vulnerability in VMWare Tools
VMware Tools for Windows (11.x.y prior to 11.3.0) contains a denial-of-service vulnerability in the VM3DMP driver.
local
low complexity
vmware
5.5
5.5