VMware

Aria Operations

12 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2025-41245

  • EPSS 0.04%
  • Published 29.09.2025 17:15:31
  • Last modified 29.09.2025 19:34:10

VMware Aria Operations contains an information disclosure vulnerability. A malicious actor with non-administrative privileges in Aria Operations may exploit this vulnerability to disclose credentials of other users of Aria Operations.

7.8

CVE-2025-41244

  • EPSS 0.02%
  • Published 29.09.2025 17:15:30
  • Last modified 30.09.2025 13:15:50

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled ...

7.8

CVE-2025-22231

Media report
  • EPSS 0.02%
  • Published 01.04.2025 13:15:40
  • Last modified 01.04.2025 20:26:11

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can escalate their privileges to root on the appliance running VMware Aria Operations.

6.5

CVE-2025-22222

  • EPSS 0.17%
  • Published 30.01.2025 16:15:31
  • Last modified 14.05.2025 16:47:55

VMware Aria Operations contains an information disclosure vulnerability. A malicious user with non-administrative privileges may exploit this vulnerability to retrieve credentials for an outbound plugin if a valid service credential ID is known.

7.8

CVE-2024-38830

  • EPSS 0.04%
  • Published 26.11.2024 12:15:18
  • Last modified 14.05.2025 16:43:34

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations.

7.8

CVE-2024-38831

  • EPSS 0.32%
  • Published 26.11.2024 12:15:18
  • Last modified 14.05.2025 16:43:22

VMware Aria Operations contains a local privilege escalation vulnerability.  A malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to  a root user on the appliance running...

6.4

CVE-2024-38832

  • EPSS 0.74%
  • Published 26.11.2024 12:15:18
  • Last modified 14.05.2025 16:36:53

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to views may be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.

5.4

CVE-2024-38833

  • EPSS 0.23%
  • Published 26.11.2024 12:15:18
  • Last modified 14.05.2025 16:36:49

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.

4.8

CVE-2024-38834

  • EPSS 0.37%
  • Published 26.11.2024 12:15:18
  • Last modified 14.05.2025 16:36:45

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations...

6.7

CVE-2024-22235

  • EPSS 0.05%
  • Published 21.02.2024 05:15:08
  • Last modified 20.03.2025 20:15:31

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.