CVEDB API

Vulnerabilities

Vulnerable Software

Vmware: >> Cloud Foundation Security Vulnerabilities

CVE-2023-34043

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.

CVSS Score

6.7

EPSS Score

0.0

Published

2023-09-27

CVE-2023-20884

VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure.

CVSS Score

6.1

EPSS Score

0.003

Published

2023-05-30

CVE-2023-20877

VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.

CVSS Score

8.8

EPSS Score

0.004

Published

2023-05-12

CVE-2023-20878

VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system.

CVSS Score

7.2

EPSS Score

0.006

Published

2023-05-12

CVE-2023-20879

VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system.

CVSS Score

6.7

EPSS Score

0.0

Published

2023-05-12

CVE-2023-20880

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.

CVSS Score

6.7

EPSS Score

0.0

Published

2023-05-12

CVE-2023-20864

VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.

CVSS Score

9.8

EPSS Score

0.929

Published

2023-04-20

CVE-2023-20865

VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root.

CVSS Score

7.2

EPSS Score

0.005

Published

2023-04-20

CVE-2022-31700

VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.

CVSS Score

7.2

EPSS Score

0.018

Published

2022-12-14

CVE-2022-31701

VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3.

CVSS Score

5.3

EPSS Score

0.002

Published

2022-12-14

Prev Next

Page 2

Vulnerabilities

Vulnerable Software

Vmware: >> Cloud Foundation Security Vulnerabilities

Products

Pricing

Contact Us