Product:

Vrealize_operations

(Vmware)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 18
Date Id Summary Products Score Patch Annotated
2020-02-19 CVE-2020-3943 vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service which is not securely configured. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may be able to execute arbitrary code in vRealize Operations. Vrealize_operations 9.8
2020-02-19 CVE-2020-3944 vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) has an improper trust store configuration leading to authentication bypass. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may be able to bypass Adapter authentication. Vrealize_operations 8.6
2020-02-19 CVE-2020-3945 vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) contains an information disclosure vulnerability due to incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may obtain sensitive information Vrealize_operations 7.5
2021-10-13 CVE-2021-22033 Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability. Cloud_foundation, Vrealize_operations, Vrealize_suite_lifecycle_manager 2.7
2022-08-10 CVE-2022-31672 VMware vRealize Operations contains a privilege escalation vulnerability. A malicious actor with administrative network access can escalate privileges to root. Vrealize_operations 7.2
2022-08-10 CVE-2022-31673 VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution. Vrealize_operations 8.8
2022-08-10 CVE-2022-31674 VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can access log files that lead to information disclosure. Vrealize_operations 4.3
2022-08-10 CVE-2022-31675 VMware vRealize Operations contains an authentication bypass vulnerability. An unauthenticated malicious actor with network access may be able to create a user with administrative privileges. Vrealize_operations 7.5
2022-10-11 CVE-2022-31682 VMware Aria Operations contains an arbitrary file read vulnerability. A malicious actor with administrative privileges may be able to read arbitrary files containing sensitive data. Vrealize_operations 4.9
2022-12-16 CVE-2022-31707 vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2. Vrealize_operations 7.2