CVE-2024-38833

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations...

CVE-2024-38834 Stored cross-site scripting vulnerability (CVE-2024-38834)

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations...

CVE-2024-38834 Stored cross-site scripting vulnerability (CVE-2024-38834)

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations...

CVE-2024-38834

CVE-2024-38834 is a stored cross-site scripting vulnerability in VMware Aria Operations. The issue allows a malicious actor with editing access to cloud provider settings or views to inject scripts, leading to stored XSS in the product. The vulnerability is documented across multiple sources (NVD...

CVE-2024-38833 Stored cross-site scripting vulnerability (CVE-2024-38833)

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations...

CVE-2024-38833 Stored cross-site scripting vulnerability (CVE-2024-38833)

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations...

CVE-2024-38833

CVE-2024-38833 is a stored cross-site scripting vulnerability in VMware Aria Operations. A malicious actor with editing access to email templates could inject script resulting in stored XSS. Connected sources attribute a moderate to high impact depending on access; CVSS details include up to 6.8 ...

CVE-2024-38832

CVE-2024-38832 corresponds to a stored cross-site scripting (XSS) vulnerability in VMware Aria Operations. The issue affects the ability of a malicious actor with editing access to views to inject scripts, potentially leading to stored XSS in the product. Connected sources (VMSA-2024-0022, NVD en...

CVE-2024-38832 Stored cross-site scripting vulnerability (CVE-2024-38832)

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to views may be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations...

CVE-2024-38832 Stored cross-site scripting vulnerability (CVE-2024-38832)

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to views may be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations...

CVE-2024-38831 Local privilege escalation vulnerability (CVE-2024-38831)

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to a root user on the appliance running VMware Aria Operations...

CVE-2024-38831 Local privilege escalation vulnerability (CVE-2024-38831)

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to a root user on the appliance running VMware Aria Operations...

CVE-2024-38831

Summary: CVE-2024-38831 affects VMware Aria Operations. A local attacker with administrative privileges can modify the properties file to escalate to root. The issue is addressed in the VMSA-2024-0022 advisory, which groups CVE-2024-38830/38831/38832/38833/38834 and lists a fixed version of 8.18....

CVE-2024-38830 Local privilege escalation vulnerability

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations...

CVE-2024-38830 Local privilege escalation vulnerability

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations...

CVE-2024-38830

CVE-2024-38830 affects VMware Aria Operations and is a local privilege-escalation vulnerability. The Nessus/NVD entries describe that an attacker with local administrative privileges can escalate to root on the appliance. The issue is addressed in VMware Aria Operations with patches up to version...

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for Nov 2024

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 1.15.0 IF004 Vulnerability Details CVEID:CVE-2024-38821 DESCRIPTION: VMware Tanzu Spring Security could allow a remote attacker to bypass security...

VMware Aria Operations 安全漏洞

VMware Aria Operations is a unified, AI-driven, self-driving IT operations management platform for private, hybrid, and multi-cloud environments from VMware, Inc. A security vulnerability exists in VMware Aria Operations that stems from a malicious actor capable of editing views that could inject...

VMware Aria Operations 安全漏洞

VMware Aria Operations is a unified, AI-driven, self-driving IT operations management platform for private, hybrid, and multi-cloud environments from VMware, Inc. A security vulnerability exists in VMware Aria Operations that stems from a malicious actor capable of editing email templates that...

PT-2024-8794 · Vmware · Vmware Aria Operations

Name of the Vulnerable Software and Affected Versions: VMware Aria Operations affected versions not specified Description: The issue is related to a stored cross-site scripting vulnerability in VMware Aria Operations. A malicious actor with editing access to views may be able to inject malicious...