Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vrealize automation vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-22036
VMware vRealize Orchestrator ((8.x before 8.6) contains an open redirect vulnerability due to improper path handling. A malicious actor may be able to redirect victim to an attacker controlled domain due to improper path handling in vRealize Orchestrator leading to sensitive info...
Vmware Vrealize Automation
Vmware Vrealize Orchestrator
6.5
CVSSv3
CVE-2020-11652
An issue exists in SaltStack Salt prior to 2019.2.4 and 3000 prior to 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users.
Saltstack Salt
Opensuse Leap 15.1
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
Blackberry Workspaces Server 9.1.0
Blackberry Workspaces Server
Vmware Application Remote Collector 8.0.0
Vmware Application Remote Collector 7.5.0
12 Github repositories
4 Articles
6.1
CVSSv3
CVE-2022-31663
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user'...
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware One Access 21.08.0.0
Vmware One Access 21.08.0.1
Vmware Access Connector 21.08.0.0
Vmware Access Connector 21.08.0.1
Vmware Access Connector 22.05
Vmware Identity Manager Connector 3.3.4
Vmware Identity Manager Connector 3.3.5
Vmware Identity Manager Connector 3.3.6
Vmware Identity Manager Connector 19.03.0.1
6.1
CVSSv3
CVE-2018-6958
VMware vRealize Automation (vRA) before 7.3.1 contains a vulnerability that may allow for a DOM-based cross-site scripting (XSS) attack. Exploitation of this issue may lead to the compromise of the vRA user's workstation.
Vmware Vrealize Automation
5.4
CVSSv3
CVE-2015-2344
Cross-site scripting (XSS) vulnerability in VMware vRealize Automation 6.x prior to 6.2.4 on Linux allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Vmware Vrealize Automation 6.0
Vmware Vrealize Automation 6.0.1
Vmware Vrealize Automation 6.0.1.1
Vmware Vrealize Automation 6.0.1.2
Vmware Vrealize Automation 6.1
Vmware Vrealize Automation 6.1.1
Vmware Vrealize Automation 6.2
Vmware Vrealize Automation 6.2.1
Vmware Vrealize Automation 6.2.2
Vmware Vrealize Automation 6.2.3
5.3
CVSSv3
CVE-2022-22961
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can le...
Vmware Cloud Foundation
Vmware Identity Manager 3.3.3
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware Vrealize Automation
Vmware Vrealize Automation 7.6
Vmware Vrealize Suite Lifecycle Manager
Vmware Workspace One Access 20.10.0.0
Vmware Workspace One Access 20.10.0.1
Vmware Workspace One Access 21.08.0.0
Vmware Workspace One Access 21.08.0.1
5.3
CVSSv3
CVE-2016-5334
VMware Identity Manager 2.x prior to 2.7.1 and vRealize Automation 7.x prior to 7.2.0 allow remote malicious users to read /SAAS/WEB-INF and /SAAS/META-INF files via unspecified vectors.
Vmware Identity Manager
Vmware Vrealize Automation
4.3
CVSSv3
CVE-2022-22959
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. A malicious actor can trick a user through a cross site request forgery to unintentionally validate a malicious JDBC URI.
Vmware Cloud Foundation
Vmware Identity Manager 3.3.3
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware Vrealize Automation
Vmware Vrealize Automation 7.6
Vmware Vrealize Suite Lifecycle Manager
Vmware Workspace One Access 20.10.0.0
Vmware Workspace One Access 20.10.0.1
Vmware Workspace One Access 21.08.0.0
Vmware Workspace One Access 21.08.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4