VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. A malicious user could execute actions on the vROps platform on behalf of the authenticated victim user.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HVMware Vrealize Operations
APPVmware8.6.0 – 8.6.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2020-3943CRITICAL9.8ten sam produkt
vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service...
CVE-2016-7457CRITICAL10.0ten sam produkt
VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain privileges, ...
CVE-2023-20877HIGH8.8ten sam produkt
VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with Rea...
CVE-2023-20878HIGH7.2ten sam produkt
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privile...
CVE-2022-31707HIGH7.2ten sam produkt
vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity o...