vmware vrealize_operations CVE 漏洞(18)

CVE 數: 18 CPE versions: View versions table

摘要

本頁列出影響 vmware vrealize_operations 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。

顯示 11818 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2023-20879 VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system. [email protected] 6.7 0.18% 2023-05-12 2026-06-17
CVE-2023-20878 VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system. [email protected] 7.2 1.00% 2023-05-12 2026-06-17
CVE-2023-20877 VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation. [email protected] 8.8 0.65% 2023-05-12 2026-06-17
CVE-2023-20856 VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. A malicious user could execute actions on the vROps platform on behalf of the authenticated victim user. [email protected] 8.8 0.40% 2023-01-31 2026-06-17
CVE-2022-31708 vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4. [email protected] 4.9 0.80% 2022-12-16 2026-06-17
CVE-2022-31707 vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2. [email protected] 7.2 0.96% 2022-12-16 2026-06-17
CVE-2022-31682 VMware Aria Operations contains an arbitrary file read vulnerability. A malicious actor with administrative privileges may be able to read arbitrary files containing sensitive data. [email protected] 4.9 0.58% 2022-10-11 2026-06-17
CVE-2022-31675 VMware vRealize Operations contains an authentication bypass vulnerability. An unauthenticated malicious actor with network access may be able to create a user with administrative privileges. [email protected] 7.5 0.72% 2022-08-10 2026-06-17
CVE-2022-31674 VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can access log files that lead to information disclosure. [email protected] 4.3 0.56% 2022-08-10 2026-06-17
CVE-2022-31673 VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution. [email protected] 8.8 1.29% 2022-08-10 2026-06-17
CVE-2022-31672 VMware vRealize Operations contains a privilege escalation vulnerability. A malicious actor with administrative network access can escalate privileges to root. [email protected] 7.2 0.56% 2022-08-10 2026-06-17
CVE-2021-22033 Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability. [email protected] 2.7 0.59% 2021-10-13 2026-06-16
CVE-2020-3945 vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) contains an information disclosure vulnerability due to incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may obtain sensitive information [email protected] 7.5 1.39% 2020-02-19 2026-06-16
CVE-2020-3944 vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) has an improper trust store configuration leading to authentication bypass. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may be able to bypass Adapter authentication. [email protected] 8.6 1.49% 2020-02-19 2026-06-16
CVE-2020-3943 vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service which is not securely configured. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may be able to execute arbitrary code in vRealize Operations. [email protected] 9.8 2.33% 2020-02-19 2026-06-16
CVE-2018-6978 vRealize Operations (7.x before 7.0.0.11287810, 6.7.x before 6.7.0.11286837 and 6.6.x before 6.6.1.11286876) contains a local privilege escalation vulnerability due to improper permissions of support scripts. Admin user of the vROps application with shell access may exploit this issue to elevate the privileges to root on a vROps machine. Note: the admin user (non-sudoer) should not be confused with root of the vROps machine. [email protected] 6.7 0.33% 2018-12-18 2026-06-16
CVE-2016-7462 The Suite REST API in VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to write arbitrary content to files or rename files via a crafted DiskFileItem in a relay-request payload that is mishandled during deserialization. [email protected] 8.5 2.04% 2016-12-29 2026-06-16
CVE-2016-7457 VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain privileges, or halt and remove virtual machines, via unspecified vectors. [email protected] 10.0 3.18% 2016-12-29 2026-06-16
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence