Vulnerabilities
Vulnerable Software
Vmware:  >> Cloud Foundation  Security Vulnerabilities
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
CVSS Score
9.3
EPSS Score
0.001
Published
2024-03-05
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
CVSS Score
6.7
EPSS Score
0.0
Published
2024-02-21
Aria Automation contains a Missing Access Control vulnerability. An authenticated malicious actor may exploit this vulnerability leading to unauthorized access to remote organizations and workflows.
CVSS Score
9.9
EPSS Score
0.002
Published
2024-01-16
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-09-27
VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure.
CVSS Score
6.1
EPSS Score
0.003
Published
2023-05-30
VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-05-12
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system.
CVSS Score
7.2
EPSS Score
0.006
Published
2023-05-12
VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-05-12
VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-05-12
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
CVSS Score
9.8
EPSS Score
0.927
Published
2023-04-20


Contact Us

Shodan ® - All rights reserved