Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vrealize operations vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-7462
The Suite REST API in VMware vRealize Operations (aka vROps) 6.x prior to 6.4.0 allows remote authenticated users to write arbitrary content to files or rename files via a crafted DiskFileItem in a relay-request payload that is mishandled during deserialization.
Vmware Vrealize Operations 6.2.1
Vmware Vrealize Operations 6.3.0
Vmware Vrealize Operations 6.1.0
Vmware Vrealize Operations 6.2.0a
Vmware Vrealize Operations 6.0.0
8
CVSSv2
CVE-2016-7457
VMware vRealize Operations (aka vROps) 6.x prior to 6.4.0 allows remote authenticated users to gain privileges, or halt and remove virtual machines, via unspecified vectors.
Vmware Vrealize Operations 6.2.1
Vmware Vrealize Operations 6.3.0
Vmware Vrealize Operations 6.0.0
Vmware Vrealize Operations 6.1.0
Vmware Vrealize Operations 6.2.0a
NA
CVE-2022-31707
vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.
Vmware Vrealize Operations
Vmware Vrealize Operations 8.10.0
NA
CVE-2022-31708
vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4.
Vmware Vrealize Operations
Vmware Vrealize Operations 8.10.0
NA
CVE-2023-20877
VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.
Vmware Cloud Foundation
Vmware Vrealize Operations 8.10.0
Vmware Vrealize Operations 8.6.0
NA
CVE-2023-20878
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system.
Vmware Cloud Foundation
Vmware Vrealize Operations 8.10.0
Vmware Vrealize Operations 8.6.0
NA
CVE-2023-20879
VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system.
Vmware Cloud Foundation
Vmware Vrealize Operations 8.10.0
Vmware Vrealize Operations 8.6.0
5
CVSSv2
CVE-2021-22025
The vRealize Operations Manager API (8.x before 8.5) contains a broken access control vulnerability leading to unauthenticated API access. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can add new nodes to existing vROps cluster.
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
Vmware Vrealize Suite Lifecycle Manager
4
CVSSv2
CVE-2021-22022
The vRealize Operations Manager API (8.x before 8.5) contains an arbitrary file read vulnerability. A malicious actor with administrative access to vRealize Operations Manager API can read any arbitrary file on server leading to information disclosure.
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
Vmware Vrealize Suite Lifecycle Manager
5
CVSSv2
CVE-2021-22024
The vRealize Operations Manager API (8.x before 8.5) contains an arbitrary log-file read vulnerability. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can read any log file resulting in sensitive information disclosure.
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
Vmware Vrealize Suite Lifecycle Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »