Egor Dimitrenko

**Name of the Vulnerable Software and Affected Versions** pki-core versions (affected versions not specified) **Description** The issue is related to the incorrect restriction of XML external entities, which can lead to XML external entity (XXE) attacks. A remote attacker can potentially retrieve the content of arbitrary files by sending specially crafted HTTP requests. The vulnerability is associated with insufficient validation of user-input XML data, allowing an attacker to view the contents of arbitrary files on the server or initiate requests to external systems. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Zoom on-premise Meeting Connector Controller versions prior to 4.6.348.20201217 Zoom on-premise Meeting Connector MMR versions prior to 4.6.348.20201217 Zoom on-premise Recording Connector versions prior to 3.8.42.20200905 Zoom on-premise Virtual Room Connector versions prior to 4.4.6620.20201110 Zoom on-premise Virtual Room Connector Load Balancer versions prior to 2.5.5495.20210326 Description: The network proxy page on the web portal for the affected Zoom products fails to validate input sent in requests to update the network proxy configuration, which could lead to remote command injection on the on-premise image by a web portal administrator. Recommendations: For Zoom on-premise Meeting Connector Controller versions prior to 4.6.348.20201217, update to version 4.6.348.20201217 or later. For Zoom on-premise Meeting Connector MMR versions prior to 4.6.348.20201217, update to version 4.6.348.20201217 or later. For Zoom on-premise Recording Connector versions prior to 3.8.42.20200905, update to version 3.8.42.20200905 or later. For Zoom on-premise Virtual Room Connector versions prior to 4.4.6620.20201110, update to version 4.4.6620.20201110 or later. For Zoom on-premise Virtual Room Connector Load Balancer versions prior to 2.5.5495.20210326, update to version 2.5.5495.20210326 or later.

Name of the Vulnerable Software and Affected Versions: Zoom on-premise Meeting Connector versions prior to 4.6.360.20210325 Zoom on-premise Meeting Connector MMR versions prior to 4.6.360.20210325 Zoom on-premise Recording Connector versions prior to 3.8.44.20210326 Zoom on-premise Virtual Room Connector versions prior to 4.4.6752.20210326 Zoom on-premise Virtual Room Connector Load Balancer versions prior to 2.5.5495.20210326 Description: The network address administrative settings web portal for the Zoom on-premise products fails to validate input sent in requests to update the network configuration, which could lead to remote command injection on the on-premise image by the web portal administrators. Recommendations: For Zoom on-premise Meeting Connector versions prior to 4.6.360.20210325, update to version 4.6.360.20210325 or later. For Zoom on-premise Meeting Connector MMR versions prior to 4.6.360.20210325, update to version 4.6.360.20210325 or later. For Zoom on-premise Recording Connector versions prior to 3.8.44.20210326, update to version 3.8.44.20210326 or later. For Zoom on-premise Virtual Room Connector versions prior to 4.4.6752.20210326, update to version 4.4.6752.20210326 or later. For Zoom on-premise Virtual Room Connector Load Balancer versions prior to 2.5.5495.20210326, update to version 2.5.5495.20210326 or later.

**Name of the Vulnerable Software and Affected Versions** vRealize Operations Manager API versions 8.x prior to 8.5 **Description** The issue is related to an arbitrary file read vulnerability in the vRealize Operations Manager API. A malicious actor with administrative access can read any arbitrary file on the server, leading to information disclosure. The vulnerability is associated with insufficient validation of incoming requests. **Recommendations** For versions 8.x prior to 8.5, update to version 8.5 or later to resolve the issue. As a temporary workaround, consider restricting administrative access to the vRealize Operations Manager API to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** vRealize Operations Manager API versions 8.x prior to 8.5 **Description** The issue is related to an insecure object reference vulnerability in the vRealize Operations Manager API. This vulnerability can be exploited by a malicious actor with administrative access, potentially allowing them to modify other users' information and leading to an account takeover. The vulnerability is also associated with insufficient validation of incoming requests, which could allow a remote attacker to disclose protected information. **Recommendations** For versions 8.x prior to 8.5, update to version 8.5 or later to resolve the issue. As a temporary workaround, consider restricting administrative access to the vRealize Operations Manager API to minimize the risk of exploitation. Additionally, monitor user account activity for any suspicious modifications.

**Name of the Vulnerable Software and Affected Versions** VMware vRealize Business for Cloud versions prior to 7.6.0 **Description** The issue is related to insufficient argument validation in a command, allowing a remote attacker to execute arbitrary commands on the target system. This can lead to unauthorized remote code execution on the vRealize Business for Cloud Virtual Appliance. A malicious actor with network access may exploit this issue. **Recommendations** For versions prior to 7.6.0, update to version 7.6.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable endpoint to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: VMware Carbon Black Cloud Workload appliance versions 1.0.0 through 1.0.1 Description: The issue is related to an authentication bypass vulnerability in the administrative interface of the VMware Carbon Black Cloud Workload appliance. This vulnerability may allow a malicious actor with network access to obtain a valid authentication token, resulting in the ability to view and alter administrative configuration settings. The vulnerability is related to deficiencies in the authentication procedure. Recommendations: For versions 1.0.0 and 1.0.1, update to a version newer than 1.0.1 to resolve the issue. As a temporary workaround, consider restricting access to the administrative interface of the VMware Carbon Black Cloud Workload appliance to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** vRealize Operations versions prior to 8.4 **Description** The issue is related to an uncontrolled upload of dangerous file types in the vRealize Operations API interface. This could allow a remote attacker to upload malicious files. An authenticated malicious actor with network access to the vRealize Operations Manager API may be able to write files to arbitrary locations on the underlying photon operating system. **Recommendations** For versions prior to 8.4, update to version 8.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the vRealize Operations Manager API to minimize the risk of exploitation. Avoid using the API for file uploads until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** vRealize Operations versions prior to 8.4 **Description** The issue is related to insufficient server-side request validation in the vRealize Operations API, which can be exploited by a remote attacker to gain unauthorized access to sensitive information. This can lead to a Server Side Request Forgery (SSRF) attack, potentially allowing the theft of administrative credentials. **Recommendations** For versions prior to 8.4, update to version 8.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the vRealize Operations Manager API to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** vSphere Replication versions 6.5.x through 6.5.1.4 vSphere Replication versions 8.1.x through 8.1.2.2 vSphere Replication versions 8.2.x through 8.2.1.0 vSphere Replication versions 8.3.x through 8.3.1.1 **Description** The issue is related to a post-authentication command injection vulnerability. This vulnerability may allow an authenticated admin user to perform a remote code execution. The vulnerability is associated with insufficient checking of arguments passed to a command in the "Startup Configuration" page of the VMware vSphere Replication extension for asynchronous replication of virtual machines. **Recommendations** For vSphere Replication version 6.5.x, update to version 6.5.1.5 or later. For vSphere Replication version 8.1.x, update to version 8.1.2.3 or later. For vSphere Replication version 8.2.x, update to version 8.2.1.1 or later. For vSphere Replication version 8.3.x, update to version 8.3.1.2 or later.

**Name of the Vulnerable Software and Affected Versions** ZTE ZXHN F670 product versions up to V1.1.10P3T18 **Description** The issue is related to a cross-site scripting vulnerability (XSS) due to incomplete input validation. An authorized user can exploit this to execute malicious scripts. **Recommendations** For versions up to V1.1.10P3T18, consider disabling any features that rely on user input validation until a patch is available. Restrict access to sensitive areas of the product to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ZTE ZXHN F670 versions prior to V1.1.10P3T18 **Description** The issue is related to a command injection vulnerability due to insufficient parameter validation check. This allows an authorized user to exploit the vulnerability and take control of the user router system. **Recommendations** For versions prior to V1.1.10P3T18, update to a version that includes the necessary security patches to fix the command injection vulnerability.

**Name of the Vulnerable Software and Affected Versions** ZTE ZXHN F670 versions prior to V1.1.10P3T18 **Description** The issue is related to improper access control, which may allow an unauthorized user to perform unauthorized operations on the router. **Recommendations** For versions prior to V1.1.10P3T18, update to a version that addresses the improper access control issue to prevent unauthorized operations on the router.