Описание
The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data.
Уязвимые конфигурации
Конфигурация 1Версия от 4.0 (включая) до 5.1.1 (исключая)
Одно из
cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:a:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:b:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:c:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:d:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update1:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update1a:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update1c:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update1d:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update2:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update2a:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update2b:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update2c:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update2d:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3a:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3c:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3d:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3e:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3f:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3g:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3h:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3i:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3j:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3k:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3l:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3m:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3n:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3o:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:7.0:update3p:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:8.0:-:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:8.0:a:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:8.0:b:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:8.0:c:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:8.0:update1:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:8.0:update1a:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:8.0:update1b:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:8.0:update1c:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:8.0:update1d:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:8.0:update1e:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:8.0:update2:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server:8.0:update2a:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.11298
Средний
4.9 Medium
CVSS3
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 4.9
github
больше 1 года назад
The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data.
CVSS3: 4.9
fstec
около 2 лет назад
Уязвимость плагина com.vmware.rvc программного обеспечения управления виртуальной инфраструктурой VMware vCenter Server, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
Процентиль: 93%
0.11298
Средний
4.9 Medium
CVSS3
Дефекты
CWE-200