Aria Operations Security Vulnerabilities and Issues — Aria Operations CVE List

Lucene search

VmwareAria Operations

9 matches found

CVE•added 2025/01/30 4:15 p.m.•68 views

CVE-2025-22222

VMware Aria Operations contains an information disclosure vulnerability. A malicious user with non-administrative privileges may exploit this vulnerability to retrieve credentials for an outbound plugin if a valid service credential ID is known.

7.7CVSS7.3AI score0.00124EPSS

CVE•added 2024/02/21 5:15 a.m.•59 views

CVE-2024-22235

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.

6.7CVSS6.8AI score0.00045EPSS

CVE•added 2023/09/27 3:18 p.m.•57 views

CVE-2023-34043

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.

6.7CVSS6.8AI score0.00039EPSS

CVE•added 2023/05/12 9:15 p.m.•56 views

CVE-2023-20880

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.

6.7CVSS7.3AI score0.00041EPSS

CVE•added 2024/11/26 12:15 p.m.•53 views

CVE-2024-38830

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations.

7.8CVSS7.9AI score0.00032EPSS

CVE•added 2024/11/26 12:15 p.m.•49 views

CVE-2024-38832

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to views may be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.

7.1CVSS6.5AI score0.00314EPSS

CVE•added 2024/11/26 12:15 p.m.•47 views

CVE-2024-38834

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.

6.5CVSS6.1AI score0.00246EPSS

CVE•added 2024/11/26 12:15 p.m.•46 views

CVE-2024-38833

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.

6.8CVSS6.3AI score0.00163EPSS

CVE•added 2024/11/26 12:15 p.m.•45 views

CVE-2024-38831

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to a root user on the appliance running VMware Aria Operations.

7.8CVSS8AI score0.00254EPSS