Vrealize Automation
Sign in to watchby VMware
CVEs (4)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-5336 | Cri | 0.64 | 9.8 | 0.02 | Aug 31, 2016 | VMware vRealize Automation 7.0.x before 7.1 allows remote attackers to execute arbitrary code via unspecified vectors. | |
| CVE-2016-7460 | Cri | 0.59 | 9.1 | 0.02 | Dec 29, 2016 | The Single Sign-On feature in VMware vCenter Server 5.5 before U3e and 6.0 before U2a and vRealize Automation 6.x before 6.2.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |
| CVE-2016-5335 | Hig | 0.51 | 7.8 | 0.00 | Aug 31, 2016 | VMware Identity Manager 2.x before 2.7 and vRealize Automation 7.0.x before 7.1 allow local users to obtain root access via unspecified vectors. | |
| CVE-2015-2344 | Med | 0.35 | 5.4 | 0.00 | Mar 16, 2016 | Cross-site scripting (XSS) vulnerability in VMware vRealize Automation 6.x before 6.2.4 on Linux allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |