Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Vrealize_operations
(Vmware)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 18 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-08-10 | CVE-2022-31672 | VMware vRealize Operations contains a privilege escalation vulnerability. A malicious actor with administrative network access can escalate privileges to root. | Vrealize_operations | 7.2 | ||
2022-08-10 | CVE-2022-31673 | VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution. | Vrealize_operations | 8.8 | ||
2022-08-10 | CVE-2022-31675 | VMware vRealize Operations contains an authentication bypass vulnerability. An unauthenticated malicious actor with network access may be able to create a user with administrative privileges. | Vrealize_operations | 7.5 | ||
2022-12-16 | CVE-2022-31708 | vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4. | Vrealize_operations | 4.9 | ||
2023-05-12 | CVE-2023-20877 | VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation. | Cloud_foundation, Vrealize_operations | 8.8 | ||
2023-05-12 | CVE-2023-20879 | VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system. | Cloud_foundation, Vrealize_operations | 6.7 | ||
2023-05-12 | CVE-2023-20878 | VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system. | Cloud_foundation, Vrealize_operations | 7.2 | ||
2023-02-01 | CVE-2023-20856 | VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. A malicious user could execute actions on the vROps platform on behalf of the authenticated victim user. | Vrealize_operations | 8.8 |