Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Vmware Subscribe
Filtered by product Vrealize Operations

CVSS v3 Filter

ALL
NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-31675 1 Vmware 1 Vrealize Operations 2023-08-08 N/A 7.5 HIGH
VMware vRealize Operations contains an authentication bypass vulnerability. An unauthenticated malicious actor with network access may be able to create a user with administrative privileges.
CVE-2022-31672 1 Vmware 1 Vrealize Operations 2023-08-08 N/A 7.2 HIGH
VMware vRealize Operations contains a privilege escalation vulnerability. A malicious actor with administrative network access can escalate privileges to root.
CVE-2022-31673 1 Vmware 1 Vrealize Operations 2023-08-08 N/A 8.8 HIGH
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution.
CVE-2020-3945 2 Microsoft, Vmware 2 Windows, Vrealize Operations 2021-07-21 5.0 MEDIUM 7.5 HIGH
vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) contains an information disclosure vulnerability due to incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may obtain sensitive information
CVE-2020-3944 2 Microsoft, Vmware 2 Windows, Vrealize Operations 2020-02-26 5.0 MEDIUM 8.6 HIGH
vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) has an improper trust store configuration leading to authentication bypass. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may be able to bypass Adapter authentication.
CVE-2016-7462 1 Vmware 1 Vrealize Operations 2017-07-28 7.5 HIGH 8.5 HIGH
The Suite REST API in VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to write arbitrary content to files or rename files via a crafted DiskFileItem in a relay-request payload that is mishandled during deserialization.