CPE Details
VMware vRealize Automation 6.2.3
6.2.3
2016-12-29 18:57 +00:00
2016-12-29 18:57 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:vmware:vrealize_automation:6.2.3:*:*:*:*:*:*:*
Informations
Vendor
vmwareProduct
vrealize_automationVersion
6.2.3Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| VMware vRealize Automation (vRA) prior to 7.3.1 contains a vulnerability that may allow for a DOM-based cross-site scripting (XSS) attack. Exploitation of this issue may lead to the compromise of the vRA user's workstation. | 6.1 |
MEDIUM |
||
| VMware vRealize Automation (vRA) prior to 7.4.0 contains a vulnerability in the handling of session IDs. Exploitation of this issue may lead to the hijacking of a valid vRA user's session. | 9.8 |
CRITICAL |
||
| The Single Sign-On feature in VMware vCenter Server 5.5 before U3e and 6.0 before U2a and vRealize Automation 6.x before 6.2.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 9.1 |
CRITICAL |
||
| Cross-site scripting (XSS) vulnerability in VMware vRealize Automation 6.x before 6.2.4 on Linux allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
MEDIUM |
2024©
tesweb SA
