CPE Details
VMware Cloud Foundation 4.1.0.1
4.1.0.1
2020-11-30
15h56 +00:00
15h56 +00:00
2021-05-28
14h36 +00:00
14h36 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:o:vmware:cloud_foundation:4.1.0.1:*:*:*:*:*:*:*
Informations
Vendor
vmwareProduct
cloud_foundationVersion
4.1.0.1Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header. | 5.3 |
Medium |
||
| VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able to view credentials in plaintext within one or more log files. | 4.9 |
Medium |
||
| The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group. | 8.8 |
High |
||
| OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-service condition. | 7.5 |
High |
||
| SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request. | 9.8 |
Critical |
2025©
tesweb SA
