Sergey

**Name of the Vulnerable Software and Affected Versions** vCenter Server (affected versions not specified) **Description** The issue is related to insufficient input validation in the Analytics service of VMware vCenter Server and VMware Cloud Foundation, which can lead to a denial-of-service condition. Successful exploitation may allow an attacker to cause a denial-of-service on vCenter Server. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** vCenter Server (affected versions not specified) **Description** The vCenter Server contains a file path traversal vulnerability leading to information disclosure in the appliance management API. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information by sending a specially crafted HTTP request. This vulnerability is related to insufficient directory path checking in the vCenter Server Appliance Management Interface (VAMI), allowing unauthorized access to protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.