Vulnerabilities > Vmware > Aria Operations FOR Networks > 6.11.0

DATE CVE VULNERABILITY TITLE RISK
2024-02-06 CVE-2024-22237 Improper Privilege Management vulnerability in VMWare Aria Operations for Networks
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system.
local
low complexity
vmware CWE-269
7.8
2024-02-06 CVE-2024-22238 Cross-site Scripting vulnerability in VMWare Aria Operations for Networks
Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization.
network
low complexity
vmware CWE-79
4.8
2024-02-06 CVE-2024-22239 Improper Privilege Management vulnerability in VMWare Aria Operations for Networks
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access.
local
low complexity
vmware CWE-269
7.8
2024-02-06 CVE-2024-22240 Files or Directories Accessible to External Parties vulnerability in VMWare Aria Operations for Networks
Aria Operations for Networks contains a local file read vulnerability. A malicious actor with admin privileges may exploit this vulnerability leading to unauthorized access to sensitive information.
network
low complexity
vmware CWE-552
4.9
2024-02-06 CVE-2024-22241 Cross-site Scripting vulnerability in VMWare Aria Operations for Networks
Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges can inject a malicious payload into the login banner and takeover the user account.
network
low complexity
vmware CWE-79
4.8