Privilege Escalation Vulnerability in vRealize Operations by VMware
CVE-2022-31707

7.2HIGH

Key Information:

Vendor: Vmware
Status: Vmware Vrealize Operations (vrops)
Vendor: CVE Published:; 16 December 2022

Summary

vRealize Operations (vROps) by VMware is susceptible to a vulnerability that allows an attacker to escalate their privileges within the system. This issue can potentially lead to unauthorized actions being performed by users with limited access, potentially jeopardizing sensitive data and system integrity. Administrators are encouraged to apply the recommended security updates to mitigate the risks associated with this vulnerability.

Affected Version(s)

VMware vRealize Operations (vROps) VMware vRealize Operations (vROps) (Multiple Versions)

References

https://www.vmware.com/security/advisories/VMSA-2022-0034...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 16, 2022
Vulnerability Reserved
May 25, 2022