cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-22256,https://securityvulnerability.io/vulnerability/CVE-2024-22256,VMware Cloud Director Partial Information Disclosure Vulnerability,VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance.,VMware,Vmware Cloud Director,4.3,MEDIUM,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-03-07T10:08:20.579Z,0
CVE-2023-34060,https://securityvulnerability.io/vulnerability/CVE-2023-34060,Authentication Bypass in VMware Cloud Director Appliance Versions,"The VMware Cloud Director Appliance has a vulnerability that permits malicious actors to bypass authentication on SSH and appliance management console ports (22 and 5480) following an upgrade from an earlier version to 10.5. This flaw arises due to the appliance's use of an affected version of sssd on the underlying Photon OS, which does not occur in fresh installations of 10.5. Users can safeguard their systems by ensuring they upgrade to Photon OS versions sssd-2.8.1-11 or higher, mitigating this security risk. The issue does not affect the primary login portal operating on port 443.",Vmware,VMware Cloud Director Appliance (VCD Appliance),9.8,CRITICAL,0.001879999996162951,false,,true,false,false,,,false,false,,2023-11-14T21:15:00.000Z,0
CVE-2022-22966,https://securityvulnerability.io/vulnerability/CVE-2022-22966,Remote Code Execution Vulnerability in VMware Cloud Director,"In VMware Cloud Director, a remote code execution vulnerability has been identified that allows an authenticated user with high privileges to exploit the system. This vulnerability arises when a malicious actor gains network access to the VMware Cloud Director tenant or provider environment. Successful exploitation could potentially enable unauthorized access to server resources, posing significant risks to the integrity and confidentiality of the environment.",Vmware,Vmware Cloud Director,7.2,HIGH,0.0025500000920146704,false,,false,false,true,2022-08-01T04:29:02.000Z,true,false,false,,2022-04-14T20:05:49.000Z,0
CVE-2021-22034,https://securityvulnerability.io/vulnerability/CVE-2021-22034,Information Disclosure Vulnerability in VMware vRealize Operations,"Prior to version 8.6, VMware vRealize Operations Tenant App is affected by an Information Disclosure Vulnerability that could allow unauthorized access to sensitive information. This vulnerability could potentially expose system details that could be leveraged by attackers to enhance their malicious activity. Users are encouraged to update to the latest version to mitigate risks associated with this issue.",Vmware,Vmware Vrealize Operations Tenant App For Vmware Cloud Director,7.5,HIGH,0.0018599999602884054,false,,false,false,false,,,false,false,,2021-10-21T19:35:10.000Z,0
CVE-2020-3956,https://securityvulnerability.io/vulnerability/CVE-2020-3956,Code Injection Vulnerability in VMware Cloud Director by VMware,"VMware Cloud Director versions 10.0.x prior to 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 exhibit a vulnerability that arises from improper input handling. This issue allows an authenticated attacker to craft and send malicious traffic through the HTML5 and Flex-based user interfaces, the API Explorer, and API access. If exploited, this may lead to arbitrary remote code execution, posing serious security risks to affected installations.",Vmware,Vmware Cloud Director,8.8,HIGH,0.6381499767303467,false,,false,false,true,2020-06-01T18:26:32.000Z,true,false,false,,2020-05-20T13:30:58.000Z,0