Vulnerabilities > Vmware > Vrealize Automation > 7.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-13 | CVE-2018-6959 | Session Fixation vulnerability in VMWare Vrealize Automation VMware vRealize Automation (vRA) prior to 7.4.0 contains a vulnerability in the handling of session IDs. | 7.5 |
| 2018-04-13 | CVE-2018-6958 | Cross-site Scripting vulnerability in VMWare Vrealize Automation VMware vRealize Automation (vRA) prior to 7.3.1 contains a vulnerability that may allow for a DOM-based cross-site scripting (XSS) attack. | 4.3 |
| 2016-12-29 | CVE-2016-5334 | Exposure of Resource to Wrong Sphere vulnerability in VMWare Identity Manager and Vrealize Automation VMware Identity Manager 2.x before 2.7.1 and vRealize Automation 7.x before 7.2.0 allow remote attackers to read /SAAS/WEB-INF and /SAAS/META-INF files via unspecified vectors. | 5.0 |