Product:

Vrealize_operations

(Vmware)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 18
Date Id Summary Products Score Patch Annotated
2022-08-10 CVE-2022-31672 VMware vRealize Operations contains a privilege escalation vulnerability. A malicious actor with administrative network access can escalate privileges to root. Vrealize_operations 7.2
2022-08-10 CVE-2022-31673 VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution. Vrealize_operations 8.8
2022-08-10 CVE-2022-31675 VMware vRealize Operations contains an authentication bypass vulnerability. An unauthenticated malicious actor with network access may be able to create a user with administrative privileges. Vrealize_operations 7.5
2022-12-16 CVE-2022-31708 vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4. Vrealize_operations 4.9
2023-05-12 CVE-2023-20877 VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation. Cloud_foundation, Vrealize_operations 8.8
2023-05-12 CVE-2023-20879 VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system. Cloud_foundation, Vrealize_operations 6.7
2023-05-12 CVE-2023-20878 VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system. Cloud_foundation, Vrealize_operations 7.2
2023-02-01 CVE-2023-20856 VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. A malicious user could execute actions on the vROps platform on behalf of the authenticated victim user. Vrealize_operations 8.8