Vrealize Operations Security Vulnerabilities and Issues — Vrealize Operations CVE List

Lucene search

VmwareVrealize Operations

5 matches found

CVE•added 2022/08/10 8:15 p.m.•102 views

CVE-2022-31673

VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution.

8.8CVSS8.4AI score0.09255EPSS

CVE•added 2023/05/12 9:15 p.m.•78 views

CVE-2023-20877

VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.

8.8CVSS8.9AI score0.00392EPSS

CVE•added 2020/02/19 9:15 p.m.•67 views

CVE-2020-3944

vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) has an improper trust store configuration leading to authentication bypass. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may be able to bypa...

8.6CVSS9.1AI score0.00429EPSS

CVE•added 2023/02/01 3:15 a.m.•66 views

CVE-2023-20856

VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. A malicious user could execute actions on the vROps platform on behalf of the authenticated victim user.

8.8CVSS8.7AI score0.0041EPSS

CVE•added 2016/12/29 9:59 a.m.•53 views

CVE-2016-7462

The Suite REST API in VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to write arbitrary content to files or rename files via a crafted DiskFileItem in a relay-request payload that is mishandled during deserialization.

8.5CVSS7.9AI score0.01674EPSS