QID 730710

Date Published: 2023-03-06

QID 730710: VMware vRealize Operations Multiple Vulnerabilities (VMSA-2022-0034)

Multiple vulnerabilities in VMware vRealize Operations (vROps) were privately reported to VMware. Patches and updates are available to remediate these vulnerabilities in affected VMware products.

Affected Versions(s):
VMware vRealize Operations Manager 8.10
VMware vRealize Operations Manager 8.6.x Prior to 8.6.4 build 20823815
QID Detection Logic
This QID sends the GET request to ui/login.action and checks for vulnerable version.

Successful exploitation could compromise confidentiality, integrity and availability

CVSS V3 rated as High - 7.2 severity.

CVSS V2 rated as Critical - 8.3 severity.

Solution

The vendor has released updates to resolve this issue. Refer to VMSA-2022-0034 to obtain additional details.

Vendor References

VMSA-2022-0034 - www.vmware.com/security/advisories/VMSA-2022-0034.html

CVEs related to QID 730710

CVE-2022-31707 | CVE-2022-31708 |

Software Advisories

Advisory ID	Software	Component	Link
VMSA-2022-0034			www.vmware.com/security/advisories/VMSA-2022-0034.html

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].