CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0CVE-2023-20878
https://notcve.org/view.php?id=CVE-2023-20878
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system. • https://www.vmware.com/security/advisories/VMSA-2023-0009.html • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-20877
https://notcve.org/view.php?id=CVE-2023-20877
VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation. • https://www.vmware.com/security/advisories/VMSA-2023-0009.html •
CVSS: 6.7EPSS: 0%CPEs: 12EXPL: 0CVE-2023-20879
https://notcve.org/view.php?id=CVE-2023-20879
VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system. • https://www.vmware.com/security/advisories/VMSA-2023-0009.html •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2022-31708 – VMware vRealize Operations CaSA Improper Access Control Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-31708
vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4. This vulnerability allows remote attackers to disclose sensitive information on affected installations of VMware vRealize Operations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of CaSA. The issue results from the lack of proper access control. • https://www.vmware.com/security/advisories/VMSA-2022-0034.html •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2022-31707 – VMware vRealize Operations CaSA Improper Privilege Management Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-31707
vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2. vRealize Operations (vROps) contiene una vulnerabilidad de escalada de privilegios. VMware ha evaluado la gravedad de este problema en el rango de gravedad Importante con una puntuación base CVSSv3 máxima de 7.2. This vulnerability allows remote attackers to escalate privileges on affected installations of VMware vRealize Operations. Authentication is required to exploit this vulnerability. The specific flaw exists within the configuration of CaSA. • https://www.vmware.com/security/advisories/VMSA-2022-0034.html •