Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vrealize operations vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-22025
The vRealize Operations Manager API (8.x before 8.5) contains a broken access control vulnerability leading to unauthenticated API access. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can add new nodes to existing vROps cluster.
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
Vmware Vrealize Suite Lifecycle Manager
445
VMScore
CVE-2021-22026
The vRealize Operations Manager API (8.x before 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information discl...
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
Vmware Vrealize Suite Lifecycle Manager
445
VMScore
CVE-2021-22027
The vRealize Operations Manager API (8.x before 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information discl...
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
Vmware Vrealize Suite Lifecycle Manager
644
VMScore
CVE-2017-4946
The VMware V4H and V4PA desktop agents (6.x prior to 6.5.1) contain a privilege escalation vulnerability. Successful exploitation of this issue could result in a low privileged windows user escalating their privileges to SYSTEM.
Vmware Vrealize Operations For Published Applications
Vmware Vrealize Operations For Horizon
544
VMScore
CVE-2021-21975
Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) before 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.
Vmware Vrealize Operations Manager 7.0.0
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager 8.0.0
Vmware Vrealize Operations Manager 8.0.1
Vmware Vrealize Operations Manager 8.1.0
Vmware Vrealize Operations Manager 8.1.1
Vmware Vrealize Operations Manager 8.2.0
Vmware Vrealize Operations Manager 8.3.0
Vmware Cloud Foundation 3.0
Vmware Cloud Foundation 3.0.1
Vmware Cloud Foundation 3.0.1.1
Vmware Cloud Foundation 3.5
Vmware Cloud Foundation 3.5.1
Vmware Cloud Foundation 3.7
Vmware Cloud Foundation 3.7.1
Vmware Cloud Foundation 3.7.2
Vmware Cloud Foundation 3.8
Vmware Cloud Foundation 3.8.1
Vmware Cloud Foundation 3.9
Vmware Cloud Foundation 3.9.1
Vmware Cloud Foundation 3.10
Vmware Cloud Foundation 4.0
1 Metasploit module
13 Github repositories
891
VMScore
CVE-2021-21983
Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) before 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system...
Vmware Vrealize Operations Manager 7.0.0
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager 8.0.0
Vmware Vrealize Operations Manager 8.0.1
Vmware Vrealize Operations Manager 8.1.0
Vmware Vrealize Operations Manager 8.1.1
Vmware Vrealize Operations Manager 8.2.0
Vmware Vrealize Operations Manager 8.3.0
Vmware Cloud Foundation 3.0
Vmware Cloud Foundation 3.0.1
Vmware Cloud Foundation 3.0.1.1
Vmware Cloud Foundation 3.5
Vmware Cloud Foundation 3.5.1
Vmware Cloud Foundation 3.7
Vmware Cloud Foundation 3.7.1
Vmware Cloud Foundation 3.7.2
Vmware Cloud Foundation 3.8
Vmware Cloud Foundation 3.8.1
Vmware Cloud Foundation 3.9
Vmware Cloud Foundation 3.9.1
Vmware Cloud Foundation 3.10
Vmware Cloud Foundation 4.0
1 Metasploit module
4 Github repositories
356
VMScore
CVE-2021-22033
Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability.
Vmware Cloud Foundation
Vmware Vrealize Operations
Vmware Vrealize Suite Lifecycle Manager
NA
CVE-2022-31672
VMware vRealize Operations contains a privilege escalation vulnerability. A malicious actor with administrative network access can escalate privileges to root.
Vmware Vrealize Operations
1 Github repository
1 Article
NA
CVE-2022-31673
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution.
Vmware Vrealize Operations
1 Article
NA
CVE-2022-31674
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can access log files that lead to information disclosure.
Vmware Vrealize Operations
1 Github repository
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »