Vulnerability Details CVE-2024-22241
Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges can inject a malicious payload into the login banner and takeover the user account.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.036
EPSS Ranking 87.2%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2024-22241
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.0.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.10.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.11.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.12.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.2.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.3.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.4.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.5.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.6.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.7.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.8.0
-
cpe:2.3:a:vmware:aria_operations_for_networks:6.9.0