Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vrealize operations vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-22024
The vRealize Operations Manager API (8.x before 8.5) contains an arbitrary log-file read vulnerability. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can read any log file resulting in sensitive information disclosure.
Vmware Vrealize Suite Lifecycle Manager
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
7.5
CVSSv3
CVE-2021-22025
The vRealize Operations Manager API (8.x before 8.5) contains a broken access control vulnerability leading to unauthenticated API access. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can add new nodes to existing vROps cluster.
Vmware Vrealize Suite Lifecycle Manager
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
7.5
CVSSv3
CVE-2021-22026
The vRealize Operations Manager API (8.x before 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information discl...
Vmware Vrealize Suite Lifecycle Manager
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
7.5
CVSSv3
CVE-2021-22027
The vRealize Operations Manager API (8.x before 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information discl...
Vmware Vrealize Suite Lifecycle Manager
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
7.5
CVSSv3
CVE-2021-21975
Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) before 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrative credentials.
Vmware Cloud Foundation 4.0
Vmware Cloud Foundation 4.0.1
Vmware Vrealize Suite Lifecycle Manager 8.0
Vmware Vrealize Suite Lifecycle Manager 8.0.1
Vmware Vrealize Suite Lifecycle Manager 8.1
Vmware Vrealize Suite Lifecycle Manager 8.2
Vmware Cloud Foundation 3.0
Vmware Cloud Foundation 3.0.1
Vmware Cloud Foundation 3.0.1.1
Vmware Cloud Foundation 3.5
Vmware Cloud Foundation 3.5.1
Vmware Cloud Foundation 3.7
Vmware Cloud Foundation 3.7.1
Vmware Cloud Foundation 3.7.2
Vmware Cloud Foundation 3.8
Vmware Cloud Foundation 3.8.1
Vmware Cloud Foundation 3.9
Vmware Cloud Foundation 3.9.1
Vmware Cloud Foundation 3.10
Vmware Vrealize Operations Manager 8.2.0
Vmware Vrealize Operations Manager 8.3.0
Vmware Vrealize Operations Manager 7.5.0
1 Metasploit module
13 Github repositories
6.5
CVSSv3
CVE-2021-21983
Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) before 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system...
Vmware Cloud Foundation 4.0
Vmware Cloud Foundation 4.0.1
Vmware Vrealize Suite Lifecycle Manager 8.0
Vmware Vrealize Suite Lifecycle Manager 8.0.1
Vmware Vrealize Suite Lifecycle Manager 8.1
Vmware Vrealize Suite Lifecycle Manager 8.2
Vmware Cloud Foundation 3.0
Vmware Cloud Foundation 3.0.1
Vmware Cloud Foundation 3.0.1.1
Vmware Cloud Foundation 3.5
Vmware Cloud Foundation 3.5.1
Vmware Cloud Foundation 3.7
Vmware Cloud Foundation 3.7.1
Vmware Cloud Foundation 3.7.2
Vmware Cloud Foundation 3.8
Vmware Cloud Foundation 3.8.1
Vmware Cloud Foundation 3.9
Vmware Cloud Foundation 3.9.1
Vmware Cloud Foundation 3.10
Vmware Vrealize Operations Manager 8.2.0
Vmware Vrealize Operations Manager 8.3.0
Vmware Vrealize Operations Manager 7.5.0
1 Metasploit module
4 Github repositories
7.5
CVSSv3
CVE-2022-31675
VMware vRealize Operations contains an authentication bypass vulnerability. An unauthenticated malicious actor with network access may be able to create a user with administrative privileges.
Vmware Vrealize Operations
1 Github repository
1 Article
4.9
CVSSv3
CVE-2022-31682
VMware Aria Operations contains an arbitrary file read vulnerability. A malicious actor with administrative privileges may be able to read arbitrary files containing sensitive data.
Vmware Vrealize Operations
6.7
CVSSv3
CVE-2018-6978
vRealize Operations (7.x prior to 7.0.0.11287810, 6.7.x prior to 6.7.0.11286837 and 6.6.x prior to 6.6.1.11286876) contains a local privilege escalation vulnerability due to improper permissions of support scripts. Admin user of the vROps application with shell access may exploit...
Vmware Vrealize Operations
8.8
CVSSv3
CVE-2022-31673
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution.
Vmware Vrealize Operations
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »