VYPR

Vcloud Director

by VMware

CVEs (5)

  • CVE-2016-2076HigApr 15, 2016
    risk 0.50cvss 7.6epss 0.01

    Client Integration Plugin (CIP) in VMware vCenter Server 5.5 U3a, U3b, and U3c and 6.0 before U2; vCloud Director 5.5.5; and vRealize Automation Identity Appliance 6.2.4 before 6.2.4.1 mishandles session content, which allows remote attackers to hijack sessions via a crafted web…

  • CVE-2020-3956May 20, 2020
    risk 0.06cvss epss 0.21

    VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability. An authenticated actor may be able to send malicious traffic to VMware Cloud Director…

  • CVE-2022-22966Apr 14, 2022
    risk 0.01cvss epss 0.06

    An authenticated, high privileged malicious actor with network access to the VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server.

  • CVE-2024-22256Mar 7, 2024
    risk 0.00cvss epss 0.00

    VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance.

  • CVE-2014-1211Jan 17, 2014
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in VMware vCloud Director 5.1.x before 5.1.3 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout.