VMware vRealize Operations 8.10.0

CPE Details

VMware vRealize Operations 8.10.0
vmware
vrealize_operations
8.10.0
2023-12-29
17h02 +00:00
2023-12-29
17h02 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:vmware:vrealize_operations:8.10.0:-:*:*:*:*:*:*

Informations

Vendor

vmware

Product

vrealize_operations

Version

8.10.0

Update

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-20877 2023-05-12 00h00 +00:00 VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.
8.8
High
CVE-2023-20878 2023-05-12 00h00 +00:00 VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system.
7.2
High
CVE-2023-20879 2023-05-12 00h00 +00:00 VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system.
6.7
Medium
CVE-2022-31707 2022-12-15 23h00 +00:00 vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.
7.2
High
CVE-2022-31708 2022-12-15 23h00 +00:00 vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4.
4.9
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.