Description

A security filter misconfiguration exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to bypass some authentication requirements when issuing requests to Hyperic Server. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Related CPE's

a

vmware

hyperic_server

5.8.6

Vulnerable

References

https://www.cyber.gov.au/acsc/view-all-content/alerts/multiple-vulnerabilities-vmware-vrealize-hyperic-monitoring-and-performance-management-product

Third Party Advisory

https://www.cyber.gov.au/acsc/view-all-content/alerts/multiple-vulnerabilities-vmware-vrealize-hyperic-monitoring-and-performance-management-product

Third Party Advisory

Weaknesses

[email protected]

Primary
NVD-CWE-noinfo

134c704f-9b21-4f2e-91b3-4a467353bcc0

Secondary
CWE-862

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 · Critical

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-11-12T04:15:12.630Z

3 years ago

Last modified

2025-05-01T12:15:27.147Z

11 months ago