CVE-2016-5336
https://notcve.org/view.php?id=CVE-2016-5336
VMware vRealize Automation 7.0.x before 7.1 allows remote attackers to execute arbitrary code via unspecified vectors. VMware vRealize Automation 7.0.x en versiones anteriores a 7.1 permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados. • http://www.securityfocus.com/bid/92607 http://www.securitytracker.com/id/1036685 http://www.vmware.com/security/advisories/VMSA-2016-0013.html •
CVE-2016-5335
https://notcve.org/view.php?id=CVE-2016-5335
VMware Identity Manager 2.x before 2.7 and vRealize Automation 7.0.x before 7.1 allow local users to obtain root access via unspecified vectors. VMware Identity Manager 2.x en versiones anteriores a 2.7 y vRealize Automation 7.0.x en versiones anteriores a 7.1 permiten a usuarios locales obtener acceso root a través de vectores no especificados. • http://www.securityfocus.com/bid/92608 http://www.securitytracker.com/id/1036685 http://www.vmware.com/security/advisories/VMSA-2016-0013.html •
CVE-2015-2344
https://notcve.org/view.php?id=CVE-2015-2344
Cross-site scripting (XSS) vulnerability in VMware vRealize Automation 6.x before 6.2.4 on Linux allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en VMware vRealize Automation 6.x en versiones anteriores a 6.2.4 en Linux permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://www.securitytracker.com/id/1035270 http://www.vmware.com/security/advisories/VMSA-2016-0003.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •