VMwareVMSA-2022-0022VMware vRealize Operations contains multiple vulnerabilities
0.002 Low
EPSS
Percentile
56.4%
3a. Privilege Escalation Vulnerability (CVE-2022-31672)
VMware vRealize Operations contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.
3b. Information Disclosure Vulnerability (CVE-2022-31673)
VMware vRealize Operations contains an information disclosure vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.5.
3c. Information Disclosure Vulnerability (CVE-2022-31674)
VMware vRealize Operations contains an information disclosure vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.5.
3d. Authentication Bypass Vulnerability (CVE-2022-31675)
VMware vRealize Operations contains an authentication bypass vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.6.
| CPE | Name | Operator | Version |
|---|---|---|---|
| vmware vrealize operations | lt | 8.6.4 |
References
customerconnect.vmware.com/en/downloads/info/slug/infrastructure_operations_management/vmware_vrealize_operations/8_6
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31672
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31673
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31674
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31675
docs.vmware.com/en/vRealize-Operations/8.6.4/rn/vrealize-operations-864-release-notes/index.html
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Related
