Vmware aria operations for networks
This hub aggregates every CVE we track for Vmware aria operations for networks, a product in the cloud saas space. Use it to gauge the current risk picture and drill into individual advisories.
14
CVEs tracked
3
Critical
6
High
1
In CISA KEV
Severity distribution
HIGH6MEDIUM5CRITICAL3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 14 most recently published vulnerabilities affecting Vmware aria operations for networks.
- CVE-2024-22241Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges can inject a malicious payload into the login banner and takeover the user accou...4.3
- CVE-2024-22240Aria Operations for Networks contains a local file read vulnerability. A malicious actor with admin privileges may exploit this vulnerability leading to unauthorized access to sensitive informatio...4.9
- CVE-2024-22239Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges t...5.3
- CVE-2024-22238Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to imp...6.4
- CVE-2024-22237Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges t...7.8
- CVE-2023-20890Aria Operations for Networks contains an arbitrary file write vulnerability. An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to a...7.2
- CVE-2023-34039Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Netw...9.8
- CVE-2023-20889Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injecti...7.5
- CVE-2023-20888Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentia...8.8
- CVE-2023-20887Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection atta...KEV9.8
- CVE-2022-31703The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in re...7.5
- CVE-2022-31702vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without auth...9.8
- CVE-2019-11478SACK can cause extensive memory use via fragmented resend queue5.3
- CVE-2019-11477Integer overflow in TCP_SKB_CB(skb)->tcp_gso_segs7.5
Product normalization is registry-driven with AI assist and human review. How it works