VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure. VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host. VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with administrative privileges may be able to read arbitrary files containing sensitive data. VMware Aria Operations contains an arbitrary file read vulnerability.
0 kommentar(er)
