Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware aria operations vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-34051
VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.
Vmware Aria Operations For Logs 8.8
Vmware Aria Operations For Logs 8.6
Vmware Aria Operations For Logs 5.0
Vmware Aria Operations For Logs 4.0
Vmware Aria Operations For Logs 8.10
Vmware Aria Operations For Logs 8.10.2
Vmware Aria Operations For Logs 8.12
1 Github repository
9.8
CVSSv3
CVE-2023-34039
Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Netwo...
Vmware Aria Operations For Networks
3 Github repositories
9.8
CVSSv3
CVE-2023-20887
Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution.
Vmware Vrealize Network Insight
4 Github repositories
1 Article
9.8
CVSSv3
CVE-2023-20864
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
Vmware Cloud Foundation
Vmware Aria Operations For Logs
8.8
CVSSv3
CVE-2023-20888
Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote cod...
Vmware Vrealize Network Insight
1 Article
8.8
CVSSv3
CVE-2023-20877
VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.
Vmware Cloud Foundation
Vmware Vrealize Operations 8.10.0
Vmware Vrealize Operations 8.6.0
7.8
CVSSv3
CVE-2024-22239
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access.
Vmware Aria Operations For Networks
7.8
CVSSv3
CVE-2024-22237
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system.
Vmware Aria Operations For Networks
7.8
CVSSv3
CVE-2023-34052
VMware Aria Operations for Logs contains a deserialization vulnerability. A malicious actor with non-administrative access to the local system can trigger the deserialization of data which could result in authentication bypass.
Vmware Aria Operations For Logs 5.0
Vmware Aria Operations For Logs 4.0
Vmware Aria Operations For Logs 8.10.2
Vmware Aria Operations For Logs 8.12
7.5
CVSSv3
CVE-2023-20889
Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure.
Vmware Vrealize Network Insight
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »