CVE-2023-20879

all versions

VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in th

6.7MEDIUM

CVE-2023-20878

all versions

VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbi

7.2HIGH

CVE-2023-20877

all versions

VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can

8.8HIGH

CVE-2023-20856

>= 8.6.0 and <= 8.6.4

VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. A malicious user could execute actions on the vROps platf

8.8HIGH

CVE-2022-31708

>= 8.6.0 and < 8.6.4.20823815

vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be

4.9MEDIUM

CVE-2022-31707

>= 8.6.0 and < 8.6.4.20823815

vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be i

7.2HIGH

CVE-2022-31682

>= 8.0 and < 8.10

VMware Aria Operations contains an arbitrary file read vulnerability. A malicious actor with administrative privileges may be able

4.9MEDIUM

CVE-2022-31675

>= 8.0.0 and < 8.6.4

VMware vRealize Operations contains an authentication bypass vulnerability. An unauthenticated malicious actor with network access

7.5HIGH

CVE-2022-31674

>= 8.0.0 and < 8.6.4

VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access

4.3MEDIUM

CVE-2022-31673

>= 8.0.0 and < 8.6.4

VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access

8.8HIGH

CVE-2022-31672

>= 8.0.0 and < 8.6.4

VMware vRealize Operations contains a privilege escalation vulnerability. A malicious actor with administrative network access can

7.2HIGH

CVE-2021-22033

>= 7.0.0 and < 8.6.0

Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability.

2.7LOW

CVE-2020-3945

>= 6.6.0 and < 6.6.1

vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) contains an information disclosure vulnera

7.5HIGH

CVE-2020-3944

>= 6.6.0 and < 6.6.1

vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) has an improper trust store configuration

8.6HIGH

CVE-2020-3943

>= 6.6.0 and < 6.6.1

vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service which is not secure

9.8CRITICAL

CVE-2018-6978

>= 6.6.0 and < 6.6.1.11286876

vRealize Operations (7.x before 7.0.0.11287810, 6.7.x before 6.7.0.11286837 and 6.6.x before 6.6.1.11286876) contains a local priv

6.7MEDIUM

CVE-2016-7462

all versions

The Suite REST API in VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to write arbitrary

8.5HIGH

CVE-2016-7457

all versions

VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain privileges, or halt and remove v

10.0CRITICAL