Vmware Vrealize_operations

18 CVEs affecting Vmware Vrealize_operations. Latest disclosed: 2023-05-12. Critical: 2, High: 10.

Top CVEs affecting Vmware Vrealize_operations
CVESeverityScorePublishedSummary
CVE-2016-7457Critical10.02016-12-29VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain privileges, or halt and remove virtual machines, via unspecif…
CVE-2020-3943Critical9.82020-02-19vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service which is not securely configured. An unauthentic…
CVE-2023-20877High8.82023-05-12VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leadi…
CVE-2023-20856High8.82023-02-01VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. A malicious user could execute actions on the vROps platform on behalf of the authenti…
CVE-2022-31673High8.82022-08-10VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps…
CVE-2020-3944High8.62020-02-19vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) has an improper trust store configuration leading to authentication byp…
CVE-2016-7462High8.52016-12-29The Suite REST API in VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to write arbitrary content to files or rename f…
CVE-2022-31675High7.52022-08-10VMware vRealize Operations contains an authentication bypass vulnerability. An unauthenticated malicious actor with network access may be able to create a user…
CVE-2020-3945High7.52020-02-19vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) contains an information disclosure vulnerability due to incorrect pairi…
CVE-2023-20878High7.22023-05-12VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt th…
CVE-2022-31707High7.22022-12-16vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity rang…
CVE-2022-31672High7.22022-08-10VMware vRealize Operations contains a privilege escalation vulnerability. A malicious actor with administrative network access can escalate privileges to root.
CVE-2023-20879Medium6.72023-05-12VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application…
CVE-2018-6978Medium6.72018-12-18vRealize Operations (7.x before 7.0.0.11287810, 6.7.x before 6.7.0.11286837 and 6.6.x before 6.6.1.11286876) contains a local privilege escalation vulnerabilit…
CVE-2022-31708Medium4.92022-12-16vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity rang…
CVE-2022-31682Medium4.92022-10-11VMware Aria Operations contains an arbitrary file read vulnerability. A malicious actor with administrative privileges may be able to read arbitrary files cont…
CVE-2022-31674Medium4.32022-08-10VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can access log files that lea…
CVE-2021-22033Low2.72021-10-13Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability.