CSRF Bypass Vulnerability in VMware vRealize Operations
CVE-2023-20856
8.8HIGH
Key Information:
- Vendor
Vmware
- Vendor
- CVE Published:
- 1 February 2023
What is CVE-2023-20856?
VMware vRealize Operations contains a CSRF bypass vulnerability that allows an attacker to perform unauthorized actions on the platform. This occurs as a result of a flaw in the application's handling of requests, which can be exploited by a malicious user to execute actions as an authenticated victim user, potentially leading to unwanted modifications or data breaches. Users are urged to review security advisories and implement recommended mitigations to safeguard their environments.
Affected Version(s)
VMware vRealize Operations (vROps) vRealize Operations Manager (vROps) 8.6.4