VMware

Aria Operations

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2026-22721

  • EPSS 0.03%
  • Veröffentlicht 25.02.2026 20:00:15
  • Zuletzt bearbeitet 04.03.2026 15:54:26

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2...

9

CVE-2026-22720

  • EPSS 0.08%
  • Veröffentlicht 25.02.2026 19:33:14
  • Zuletzt bearbeitet 04.03.2026 15:55:32

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations.  To remediate CVE-20...

8.1

CVE-2026-22719

Warnung Medienbericht
  • EPSS 1.98%
  • Veröffentlicht 25.02.2026 19:18:59
  • Zuletzt bearbeitet 04.03.2026 15:08:13

VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product...

4.9

CVE-2025-41245

  • EPSS 0.05%
  • Veröffentlicht 29.09.2025 17:15:31
  • Zuletzt bearbeitet 29.09.2025 19:34:10

VMware Aria Operations contains an information disclosure vulnerability. A malicious actor with non-administrative privileges in Aria Operations may exploit this vulnerability to disclose credentials of other users of Aria Operations.

7.8

CVE-2025-41244

Warnung Medienbericht Exploit
  • EPSS 0.37%
  • Veröffentlicht 29.09.2025 17:15:30
  • Zuletzt bearbeitet 06.11.2025 13:58:13

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled ...

7.8

CVE-2025-22231

Medienbericht
  • EPSS 0.08%
  • Veröffentlicht 01.04.2025 13:15:40
  • Zuletzt bearbeitet 01.04.2025 20:26:11

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can escalate their privileges to root on the appliance running VMware Aria Operations.

6.5

CVE-2025-22222

  • EPSS 0.65%
  • Veröffentlicht 30.01.2025 16:15:31
  • Zuletzt bearbeitet 14.05.2025 16:47:55

VMware Aria Operations contains an information disclosure vulnerability. A malicious user with non-administrative privileges may exploit this vulnerability to retrieve credentials for an outbound plugin if a valid service credential ID is known.

7.8

CVE-2024-38830

  • EPSS 0.06%
  • Veröffentlicht 26.11.2024 12:15:18
  • Zuletzt bearbeitet 14.05.2025 16:43:34

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations.

7.8

CVE-2024-38831

  • EPSS 0.12%
  • Veröffentlicht 26.11.2024 12:15:18
  • Zuletzt bearbeitet 14.05.2025 16:43:22

VMware Aria Operations contains a local privilege escalation vulnerability.  A malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to  a root user on the appliance running...

6.4

CVE-2024-38832

  • EPSS 0.4%
  • Veröffentlicht 26.11.2024 12:15:18
  • Zuletzt bearbeitet 14.05.2025 16:36:53

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to views may be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.