Vulnerabilities
Vulnerable Software
Vmware:  Security Vulnerabilities
Under certain circumstances, when manipulating the Windows registry, InstallBuilder uses the reg.exe system command. The full path to the command is not enforced, which results in a search in the search path until a binary can be identified. This makes the installer/uninstaller vulnerable to Path Interception by Search Order Hijacking, potentially allowing an attacker to plant a malicious reg.exe command so it takes precedence over the system command. The vulnerability only affects Windows installers.
CVSS Score
7.8
EPSS Score
0.003
Published
2021-10-29
On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then executed (the originally called uninstaller exits, so it does not block the installation directory). This temporary location is not randomized and does not restrict access to Administrators only so a potential attacker could plant a binary to replace the copied binary right before it gets called, thus gaining Administrator privileges (if the original uninstaller was executed as Administrator). The vulnerability only affects Windows installers.
CVSS Score
8.8
EPSS Score
0.01
Published
2021-10-29
In Spring AMQP versions 2.2.0 - 2.2.18 and 2.3.0 - 2.3.10, the Spring AMQP Message object, in its toString() method, will deserialize a body for a message with content type application/x-java-serialized-object. It is possible to construct a malicious java.util.Dictionary object that can cause 100% CPU usage in the application if the toString() method is called.
CVSS Score
6.5
EPSS Score
0.01
Published
2021-10-28
In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEASE, and older unsupported versions, applications using type-level `@RequestMapping`annotations over Feign client interfaces, can be involuntarily exposing endpoints corresponding to `@RequestMapping`-annotated interface methods.
CVSS Score
7.5
EPSS Score
0.011
Published
2021-10-28
In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older unsupported versions, HTTP resources implemented by custom controllers using a configured base API path and a controller type-level request mapping are additionally exposed under URIs that can potentially be exposed for unauthorized access depending on the Spring Security configuration.
CVSS Score
5.3
EPSS Score
0.007
Published
2021-10-28
In Spring Framework versions 5.3.0 - 5.3.10, 5.2.0 - 5.2.17, and older unsupported versions, it is possible for a user to provide malicious input to cause the insertion of additional log entries.
CVSS Score
4.3
EPSS Score
0.013
Published
2021-10-28
Releases prior to VMware vRealize Operations Tenant App 8.6 contain an Information Disclosure Vulnerability.
CVSS Score
7.5
EPSS Score
0.01
Published
2021-10-21
Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability.
CVSS Score
2.7
EPSS Score
0.006
Published
2021-10-13
VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log Insight which could be executed in user's environment.
CVSS Score
4.3
EPSS Score
0.006
Published
2021-10-13
VMware vRealize Orchestrator ((8.x prior to 8.6) contains an open redirect vulnerability due to improper path handling. A malicious actor may be able to redirect victim to an attacker controlled domain due to improper path handling in vRealize Orchestrator leading to sensitive information disclosure.
CVSS Score
6.5
EPSS Score
0.009
Published
2021-10-13


Contact Us

Shodan ® - All rights reserved