VMware vRealize Operations 8.6.0 Hotfix1

CPE Details

VMware vRealize Operations 8.6.0 Hotfix1
8.6.0
2023-06-01
15h30 +00:00
2023-07-21
19h59 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix1:*:*:*:*:*:*

Informations

Vendor

vmware

Product

vrealize_operations

Version

8.6.0

Update

hotfix1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-20877 2023-05-12 00h00 +00:00 VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.
8.8
High
CVE-2023-20878 2023-05-12 00h00 +00:00 VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system.
7.2
High
CVE-2023-20879 2023-05-12 00h00 +00:00 VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system.
6.7
Medium
CVE-2023-20856 2023-02-01 00h00 +00:00 VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. A malicious user could execute actions on the vROps platform on behalf of the authenticated victim user.
8.8
High
CVE-2022-31707 2022-12-15 23h00 +00:00 vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.
7.2
High
CVE-2022-31708 2022-12-15 23h00 +00:00 vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4.
4.9
Medium
CVE-2022-31682 2022-10-10 22h00 +00:00 VMware Aria Operations contains an arbitrary file read vulnerability. A malicious actor with administrative privileges may be able to read arbitrary files containing sensitive data.
4.9
Medium
CVE-2022-31673 2022-08-09 18h19 +00:00 VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. Successful exploitation can lead to a remote code execution.
8.8
High
CVE-2022-31674 2022-08-09 18h19 +00:00 VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can access log files that lead to information disclosure.
4.3
Medium
CVE-2022-31675 2022-08-09 18h19 +00:00 VMware vRealize Operations contains an authentication bypass vulnerability. An unauthenticated malicious actor with network access may be able to create a user with administrative privileges.
7.5
High
CVE-2022-31672 2022-08-09 18h18 +00:00 VMware vRealize Operations contains a privilege escalation vulnerability. A malicious actor with administrative network access can escalate privileges to root.
7.2
High