Search
Search Results (10 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-6961 | 1 Vmware | 1 Nsx Sd-wan By Velocloud | 2025-07-30 | 8.1 High |
| VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web UI component. This component is disabled by default and should not be enabled on untrusted networks. VeloCloud by VMware will be removing this service from the product in future releases. Successful exploitation of this issue could result in remote code execution. | ||||
| CVE-2022-31678 | 1 Vmware | 2 Cloud Foundation, Nsx Data Center | 2025-05-08 | 9.1 Critical |
| VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure. | ||||
| CVE-2017-4929 | 1 Vmware | 1 Nsx Edge | 2025-04-20 | N/A |
| VMware NSX Edge (6.2.x before 6.2.9 and 6.3.x before 6.3.5) contains a moderate Cross-Site Scripting (XSS) issue which may lead to information disclosure. | ||||
| CVE-2017-4920 | 1 Vmware | 1 Nsx-v Edge | 2025-04-20 | N/A |
| The implementation of the OSPF protocol in VMware NSX-V Edge 6.2.x prior to 6.2.8 and NSX-V Edge 6.3.x prior to 6.3.3 doesn't correctly handle the link-state advertisement (LSA). A rogue LSA may exploit this issue resulting in continuous sending of LSAs between two routers eventually going in loop or loss of connectivity. | ||||
| CVE-2016-2079 | 1 Vmware | 2 Nsx Edge, Vcloud Networking And Security Edge | 2025-04-12 | N/A |
| VMware NSX Edge 6.1 before 6.1.7 and 6.2 before 6.2.3 and vCNS Edge 5.5 before 5.5.4.3, when the SSL-VPN feature is configured, allow remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2014-3796 | 1 Vmware | 2 Nsx, Vcloud Networking And Security | 2025-04-12 | N/A |
| VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) 5.1 before 5.1.4.2 and 5.5 before 5.5.3, does not properly validate input, which allows attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2022-22945 | 1 Vmware | 2 Cloud Foundation, Nsx Data Center | 2024-11-21 | 7.8 High |
| VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root. | ||||
| CVE-2024-38818 | 1 Vmware | 3 Cloud Foundation, Nsx, Nsx-t | 2024-10-10 | 6.7 Medium |
| VMware NSX contains a local privilege escalation vulnerability. An authenticated malicious actor may exploit this vulnerability to obtain permissions from a separate group role than previously assigned. | ||||
| CVE-2024-38815 | 1 Vmware | 3 Cloud Foundation, Nsx, Nsx-t | 2024-10-10 | 4.3 Medium |
| VMware NSX contains a content spoofing vulnerability. An unauthenticated malicious actor may be able to craft a URL and redirect a victim to an attacker controlled domain leading to sensitive information disclosure. | ||||
| CVE-2024-38817 | 1 Vmware | 3 Cloud Foundation, Nsx, Nsx-t | 2024-10-10 | 6.7 Medium |
| VMware NSX contains a command injection vulnerability. A malicious actor with access to the NSX Edge CLI terminal may be able to craft malicious payloads to execute arbitrary commands on the operating system as root. | ||||
Page 1 of 1.