Vulnerabilities > Vmware > Aria Operations FOR Networks > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2024-22238 | Cross-site Scripting vulnerability in VMWare Aria Operations for Networks Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization. | 4.8 |
| 2024-02-06 | CVE-2024-22240 | Files or Directories Accessible to External Parties vulnerability in VMWare Aria Operations for Networks Aria Operations for Networks contains a local file read vulnerability. A malicious actor with admin privileges may exploit this vulnerability leading to unauthorized access to sensitive information. | 4.9 |
| 2024-02-06 | CVE-2024-22241 | Cross-site Scripting vulnerability in VMWare Aria Operations for Networks Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges can inject a malicious payload into the login banner and takeover the user account. | 4.8 |