34 results (0.003 seconds)

CVSS: 9.9EPSS: 0%CPEs: 12EXPL: 0

Aria Automation contains a Missing Access Control vulnerability. An authenticated malicious actor may exploit this vulnerability leading to unauthorized access to remote organizations and workflows. Aria Automation contiene una vulnerabilidad de control de acceso faltante. Un actor malicioso autenticado puede explotar esta vulnerabilidad y provocar acceso no autorizado a organizaciones y workflows remotos. • https://www.vmware.com/security/advisories/VMSA-2024-0001.html • CWE-862: Missing Authorization •

CVSS: 6.7EPSS: 0%CPEs: 8EXPL: 0

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. VMware Aria Operations contiene una vulnerabilidad de escalada de privilegios local. Un actor malicioso con acceso administrativo al sistema local puede escalar privilegios a "root". • https://www.vmware.com/security/advisories/VMSA-2023-0020.html • CWE-269: Improper Privilege Management •

CVSS: 6.7EPSS: 0%CPEs: 12EXPL: 0

VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system. • https://www.vmware.com/security/advisories/VMSA-2023-0009.html •

CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0

VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system. • https://www.vmware.com/security/advisories/VMSA-2023-0009.html • CWE-502: Deserialization of Untrusted Data •

CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. • https://www.vmware.com/security/advisories/VMSA-2023-0009.html •