Vrealize Automation Security Vulnerabilities and Issues — Vrealize Automation CVE List

Lucene search

VmwareVrealize Automation

5 matches found

CVE•added 2016/12/29 9:59 a.m.•50 views

CVE-2016-7460

The Single Sign-On feature in VMware vCenter Server 5.5 before U3e and 6.0 before U2a and vRealize Automation 6.x before 6.2.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration in conjunction with an entity ref...

9.1CVSS8.9AI score0.02008EPSS

CVE•added 2016/08/31 1:59 a.m.•49 views

CVE-2016-5335

VMware Identity Manager 2.x before 2.7 and vRealize Automation 7.0.x before 7.1 allow local users to obtain root access via unspecified vectors.

7.8CVSS7.4AI score0.00034EPSS

CVE•added 2016/03/16 10:59 a.m.•43 views

CVE-2015-2344

Cross-site scripting (XSS) vulnerability in VMware vRealize Automation 6.x before 6.2.4 on Linux allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

5.4CVSS5AI score0.00105EPSS

CVE•added 2016/08/31 1:59 a.m.•38 views

CVE-2016-5336

VMware vRealize Automation 7.0.x before 7.1 allows remote attackers to execute arbitrary code via unspecified vectors.

9.8CVSS9AI score0.01931EPSS

CVE•added 2016/12/29 9:59 a.m.•34 views

CVE-2016-5334

VMware Identity Manager 2.x before 2.7.1 and vRealize Automation 7.x before 7.2.0 allow remote attackers to read /SAAS/WEB-INF and /SAAS/META-INF files via unspecified vectors.

5.3CVSS5.2AI score0.0023EPSS