Vulnerabilities (CVE)

Filtered by vendor Vmware Subscribe
Filtered by product Velocloud Orchestrator
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-3973 2 Linux, Vmware 2 Linux Kernel, Velocloud Orchestrator 2024-11-21 6.5 MEDIUM 8.8 HIGH
The VeloCloud Orchestrator does not apply correct input validation which allows for blind SQL-injection. A malicious actor with tenant access to Velocloud Orchestrator could enter specially crafted SQL queries and obtain data to which they are not privileged.