COOEY // HUBcompliance · community · intelligence

FAIL › dossier

VMware, Inc. company FedRAMP market

FedRAMP provider ·

26
failure events
0
zero-days
11
RCEs
26
on KEV
9
critical
95
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 26 events

DateEventSevFlagsShameSummary
2022-04-14 CVE-2022-22954 critical ⚡RCE ⌖KEV 95 VMware Workspace ONE Access and Identity Manager allow for remote code execution due to server-side template injection.
2021-11-03 CVE-2021-21985 critical ⚡RCE ⌖KEV 95 VMware vSphere Client contains an improper input validation vulnerability in the Virtual SAN Health Check plug-in, which is enabled by default in vCenter Server, which allows for remote code execution.
2021-11-03 CVE-2021-21972 critical ⚡RCE ⌖KEV 95 VMware vCenter Server vSphere Client contains a remote code execution vulnerability in a vCenter Server plugin which allows an attacker with network access to port 443 to execute commands with unrestricted privileges on the underlying operating system.
2021-11-03 CVE-2020-3992 critical ⚡RCE ⌖KEV 95 VMware ESXi OpenSLP contains a use-after-free vulnerability that allows an attacker residing in the management network with access to port 427 to perform remote code execution.
2021-11-03 CVE-2019-5544 critical ⚡RCE ⌖KEV 95 VMware ESXi and Horizon Desktop as a Service (DaaS) OpenSLP contains a heap-based buffer overflow vulnerability that allows an attacker with network access to port 427 to overwrite the heap of the OpenSLP service to perform remote code execution.
2025-03-04 CVE-2025-22225 critical ⌖KEV 80 VMware ESXi contains an arbitrary write vulnerability. Successful exploitation allows an attacker with privileges within the VMX process to trigger an arbitrary kernel write leading to an escape of the sandbox.
2024-07-30 CVE-2024-37085 critical ⌖KEV 80 VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was previously configured to use AD for user management by re-creating the configured AD group ('ESXi Admins'
2022-01-18 CVE-2021-21975 critical ⌖KEV 80 Server Side Request Forgery (SSRF) in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a SSRF attack to steal administrative credentials.
2021-11-03 CVE-2021-22005 critical ⌖KEV 80 VMware vCenter Server contains a file upload vulnerability in the Analytics service that allows a user with network access to port 443 to execute code.
2024-01-22 CVE-2023-34048 high ⚡RCE ⌖KEV 65 VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol that allows an attacker to conduct remote code execution.
2023-06-22 CVE-2023-20887 high ⚡RCE ⌖KEV 65 VMware Aria Operations for Networks (formerly vRealize Network Insight) contains a command injection vulnerability that allows a malicious actor with network access to perform an attack resulting in remote code execution.
2022-05-16 CVE-2022-22947 high ⚡RCE ⌖KEV 65 Spring Cloud Gateway applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured.
2022-04-04 CVE-2022-22965 high ⚡RCE ⌖KEV 65 Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.
2022-03-25 CVE-2018-6961 high ⚡RCE ⌖KEV 65 VMware SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. Successful exploitation of this issue could result in remote code execution.
2021-11-03 CVE-2020-4006 high ⚡RCE ⌖KEV 65 VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector contain a command injection vulnerability. An attacker with network access to the administrative configurator on port 8443 and a valid password for the configurator administrator accou
2025-03-04 CVE-2025-22224 high ⌖KEV 50 VMware ESXi and Workstation contain a time-of-check time-of-use (TOCTOU) race condition vulnerability that leads to an out-of-bounds write. Successful exploitation enables an attacker with local administrative privileges on a virtual machine to execute code as the virtual machine
2025-03-04 CVE-2025-22226 high ⌖KEV 50 VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. Successful exploitation allows an attacker with administrative privileges to a virtual machine to leak memory from the vmx process.
2024-11-20 CVE-2024-38812 high ⌖KEV 50 VMware vCenter Server contains a heap-based buffer overflow vulnerability in the implementation of the DCERPC protocol. This vulnerability could allow an attacker with network access to the vCenter Server to execute remote code by sending a specially crafted packet.
2024-11-20 CVE-2024-38813 high ⌖KEV 50 VMware vCenter contains an improper check for dropped privileges vulnerability. This vulnerability could allow an attacker with network access to the vCenter Server to escalate privileges to root by sending a specially crafted packet.
2024-07-17 CVE-2022-22948 high ⌖KEV 50 VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensitive information.
2023-06-23 CVE-2023-20867 high ⌖KEV 50 VMware Tools contains an authentication bypass vulnerability in the vgauth module. A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. An attacker must hav
2022-04-15 CVE-2022-22960 high ⌖KEV 50 VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts.
2022-03-07 CVE-2021-21973 high ⌖KEV 50 VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure.
2022-01-10 CVE-2021-22017 high ⌖KEV 50 Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization.
2021-11-03 CVE-2020-3952 high ⌖KEV 50 VMware vCenter Server contains an information disclosure vulnerability in the VMware Directory Service (vmdir) when the Platform Services Controller (PSC) does not correctly implement access controls. Successful exploitation allows an attacker with network access to port 389 to e
2021-11-03 CVE-2020-3950 high ⌖KEV 50 VMware Fusion, Remote Console (VMRC) for Mac, and Horizon Client for Mac contain a privilege escalation vulnerability due to improper use of setuid binaries that allows attackers to escalate privileges to root.

FedRAMP catalog products 2

ProductStatusImpact
VMware Government Services (VGS) Authorized High
Workspace ONE Authorized Moderate