Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
VMware vSphere Client 5.5 before U3e and 6.0 before U2a allows remote vCenter Server and ESXi instances to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
VMware vSphere Client 信息泄露漏洞
Vulnerability Description
VMware vSphere是美国威睿(VMware)公司的一套用于构建云计算基础架构的虚拟化平台,该平台将应用程序和操作系统从底层硬件分离出来,从而简化了IT操作。VMware vSphere Client是VMware vSphere的一个客户端软件。 VMware vSphere Client U3e之前的5.5版本和U2a之前的6.0版本中存在XML外部实体注入漏洞。远程攻击者可借助外部实体声明和实体引用相结合的XML文档利用该漏洞读取任意文件。
CVSS Information
N/A
Vulnerability Type
N/A