Category: vCenter Server

VMware fixed five memory corruption issues in vCenter Server

RedOne

VMware addressed multiple memory corruption vulnerabilities in vCenter Server that can be exploited to achieve remote code execution. VMware released security updates to five memory corruption vulnerabilities (CVE-2023-20892, CVE-2023-20893, CVE-2023-20894, CVE-2023-20895, CVE-2023-20896) in vCenter Server that could lead to remote code execution. The memory corruption vulnerabilities reside in the software’s implementation of the DCERPC protocol. […]

Continue Reading

VMware fixed a high-severity bug in vCenter Server

RedOne

VMware this week addressed a severe vulnerability in vCenter Server that could lead to arbitrary code execution. VMware on Thursday released security patches to address a code execution vulnerability, tracked as CVE-2022-31680 (CVSS score of 7.2), in vCenter Server. The security issue is an unsafe deserialization vulnerability that resides in the platform services controller (PSC). […]

Continue Reading

Zero Care pour les Zero Days : bilan d’une année 2021

UnderNews

L’année 2021 est bel et bien présentée comme l’une des pires années jamais enregistrées en ce qui concerne le volume de vulnérabilités de type “zero-day” exploitées dans la nature. Certains y voient la preuve d’une meilleure détection par l’industrie, tandis que d’autres y voient une meilleure divulgation par les victimes. D’autres concluront qu’à mesure que […]

Continue Reading

VMware addresses File Read and SSRF flaws in vCenter Server

Pierluigi Paganini

VMware addressed arbitrary file read and server-side request forgery (SSRF) vulnerabilities in its vCenter Server product. VMware this week addressed arbitrary file read and server-side request forgery (SSRF) vulnerabilities affecting its vCenter Server product. vCenter Server is the centralized management utility for VMware, and is used to manage virtual machines, multiple ESXi hosts, and all dependent […]

Continue Reading

VMware discloses a severe flaw in vCenter Server that has yet to fix

Pierluigi Paganini

VMware announced it is working on patches for an important severity privilege escalation vulnerability affecting vCenter Server. VMware announced it’s working on security patches to address an important severity privilege escalation vulnerability, tracked as CVE-2021-22048, in its vCenter Server. vCenter Server is the centralized management utility for VMware and is used to manage virtual machines, multiple […]

Continue Reading