Lucene search
HistoryFeb 21, 2024 - 5:15 a.m.
CVE-2024-22235
cve-2024-22235
vmware
aria operations
local privilege escalation
nvd
security vulnerability
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to ‘root’.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "VMware Aria Operations",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Aria Operations 8.x"
}
]
}
]Related
nvd
nvd
CVE-2024-22235
2024-02-21 05:15:08
vmware
vmware
nessus
nessus
VMWare Aria Operations < 8.16 PrivEsc (VMSA-2024-0004)
2024-02-22 00:00:00
cvelist
cvelist
CVE-2024-22235
2024-02-21 04:59:48
prion
prion
Privilege escalation
2024-02-21 05:15:00
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.1%
Related for CVE-2024-22235