Vmware: >> Vrealize Operations Security Vulnerabilities
VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-05-12
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system.
CVSS Score
7.2
EPSS Score
0.006
Published
2023-05-12
VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-05-12
VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. A malicious user could execute actions on the vROps platform on behalf of the authenticated victim user.
CVSS Score
8.8
EPSS Score
0.004
Published
2023-02-01
vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-12-16
vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4.
CVSS Score
4.9
EPSS Score
0.004
Published
2022-12-16
VMware Aria Operations contains an arbitrary file read vulnerability. A malicious actor with administrative privileges may be able to read arbitrary files containing sensitive data.
CVSS Score
4.9
EPSS Score
0.002
Published
2022-10-11
VMware vRealize Operations contains an authentication bypass vulnerability. An unauthenticated malicious actor with network access may be able to create a user with administrative privileges.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-08-10
VMware vRealize Operations contains a privilege escalation vulnerability. A malicious actor with administrative network access can escalate privileges to root.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-08-10
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution.
CVSS Score
8.8
EPSS Score
0.081
Published
2022-08-10
Page 1