Privilege Escalation Vulnerability in vRealize Operations by VMware
CVE-2022-31707

7.2HIGH

Key Information:

Vendor: Vmware
Status: Vmware Vrealize Operations (vrops)
Vendor: CVE Published:; 16 December 2022

What is CVE-2022-31707?

vRealize Operations (vROps) by VMware is susceptible to a vulnerability that allows an attacker to escalate their privileges within the system. This issue can potentially lead to unauthorized actions being performed by users with limited access, potentially jeopardizing sensitive data and system integrity. Administrators are encouraged to apply the recommended security updates to mitigate the risks associated with this vulnerability.

Affected Version(s)

VMware vRealize Operations (vROps) VMware vRealize Operations (vROps) (Multiple Versions)

References

https://www.vmware.com/security/advisories/VMSA-2022-0034...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 16, 2022
Vulnerability Reserved
May 25, 2022

Vmware

What is CVE-2022-31707?

Affected Version(s)

References

CVSS V3.1

Timeline