Vulnerability Details CVE-2024-22238
Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.6%
CVSS Severity
CVSS v3 Score 6.4
References
Products affected by CVE-2024-22238
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.0.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.10.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.11.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.12.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.2.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.3.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.4.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.5.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.6.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.7.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.8.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.9.0