Vulnerabilities > Vmware > Vrealize Operations > 6.7.0

DATE CVE VULNERABILITY TITLE RISK
2020-02-19 CVE-2020-3945 Information Exposure vulnerability in VMWare Vrealize Operations 6.6.0/6.7.0
vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) contains an information disclosure vulnerability due to incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View.
network
low complexity
vmware CWE-200
5.0
5.0
2020-02-19 CVE-2020-3944 Improper Authentication vulnerability in VMWare Vrealize Operations 6.6.0/6.7.0
vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) has an improper trust store configuration leading to authentication bypass.
network
low complexity
vmware CWE-287
5.0
5.0
2020-02-19 CVE-2020-3943 Improper Input Validation vulnerability in VMWare Vrealize Operations 6.6.0/6.7.0
vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service which is not securely configured.
network
low complexity
vmware CWE-20
7.5
7.5
2018-12-18 CVE-2018-6978 Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Vrealize Operations 6.6.0/6.6.1/6.7.0
vRealize Operations (7.x before 7.0.0.11287810, 6.7.x before 6.7.0.11286837 and 6.6.x before 6.6.1.11286876) contains a local privilege escalation vulnerability due to improper permissions of support scripts.
local
low complexity
vmware CWE-732
7.2
7.2