Vulnerabilities > Vmware > Vrealize Suite Lifecycle Manager > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-13 | CVE-2022-22959 | Cross-Site Request Forgery (CSRF) vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a cross site request forgery vulnerability. | 4.3 |
| 2022-04-13 | CVE-2022-22961 | Information Exposure vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. | 5.3 |
| 2021-10-13 | CVE-2021-22035 | Injection vulnerability in VMWare products VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. | 4.3 |
| 2021-08-30 | CVE-2021-22022 | Path Traversal vulnerability in VMWare products The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary file read vulnerability. | 4.9 |
| 2021-03-31 | CVE-2021-21983 | Unspecified vulnerability in VMWare products Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system. | 6.5 |