HIGH🇵🇱 Wersja polska

CVE-2023-20856

CVSS 8.8v3.1pub. 2023-02-01upd. 2025-03-27

VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. A malicious user could execute actions on the vROps platform on behalf of the authenticated victim user.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • VMware Vrealize Operations

    APP
    Vmware
    8.6.0 – 8.6.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2020-3943CRITICAL9.8ten sam produkt

vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service...

CVE-2016-7457CRITICAL10.0ten sam produkt

VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain privileges, ...

CVE-2023-20877HIGH8.8ten sam produkt

VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with Rea...

CVE-2023-20878HIGH7.2ten sam produkt

VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privile...

CVE-2022-31707HIGH7.2ten sam produkt

vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity o...