Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
operations manager vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-22027
The vRealize Operations Manager API (8.x before 8.5) contains a Server Side Request Forgery in an end point. An unauthenticated malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack leading to information discl...
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
Vmware Vrealize Suite Lifecycle Manager
6.5
CVSSv2
CVE-2021-22023
The vRealize Operations Manager API (8.x before 8.5) has insecure object reference vulnerability. A malicious actor with administrative access to vRealize Operations Manager API may be able to modify other users information leading to an account takeover.
Vmware Cloud Foundation
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager
Vmware Vrealize Suite Lifecycle Manager
10
CVSSv2
CVE-2009-4189
HP Operations Manager has a default password of OvW*busr1 for the ovwebusr account, which allows remote malicious users to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servle...
Hp Operations Manager
1 EDB exploit
3.5
CVSSv2
CVE-2016-4380
Cross-site scripting (XSS) vulnerability in the AdminUI in HPE Operations Manager 9.21.x prior to 9.21.130 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Hp Operations Manager
6.5
CVSSv2
CVE-2018-15762
Pivotal Operations Manager, versions 2.0.x before 2.0.24, versions 2.1.x before 2.1.15, versions 2.2.x before 2.2.7, and versions 2.3.x before 2.3.1, grants all users a scope which allows for privilege escalation. A remote malicious user who has been authenticated may create a ne...
Pivotal Software Operations Manager
4
CVSSv2
CVE-2019-11292
Pivotal Ops Manager, versions 2.4.x before 2.4.27, 2.5.x before 2.5.24, 2.6.x before 2.6.16, and 2.7.x before 2.7.5, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as w...
Pivotal Software Operations Manager
5.5
CVSSv2
CVE-2019-3790
The Pivotal Ops Manager, 2.2.x versions before 2.2.23, 2.3.x versions before 2.3.16, 2.4.x versions before 2.4.11, and 2.5.x versions before 2.5.3, contain configuration that circumvents refresh token expiration. A remote authenticated user can gain access to a browser session th...
Pivotal Software Operations Manager
3.5
CVSSv2
CVE-2019-3776
Pivotal Operations Manager, 2.1.x versions before 2.1.20, 2.2.x versions before 2.2.16, 2.3.x versions before 2.3.10, 2.4.x versions before 2.4.3, contains a reflected cross site scripting vulnerability. A remote user that is able to convince an Operations Manager user to interac...
Pivotal Software Operations Manager
4.3
CVSSv2
CVE-2018-11045
Pivotal Operations Manager, versions 2.1 before 2.1.6 and 2.0 before 2.0.15 and 1.12 before 1.12.22, contains a static Linux Random Number Generator (LRNG) seed file embedded in the appliance image. An attacker with knowledge of the exact version and IaaS of a running OpsManager ...
Pivotal Software Operations Manager
6.5
CVSSv2
CVE-2013-3437
SQL injection vulnerability in the management application in Cisco Unified Operations Manager allows remote authenticated users to execute arbitrary SQL commands via an entry field, aka Bug ID CSCud80179.
Cisco Unified Operations Manager -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »