VMware Aria Operations for Networks 漏洞列表

Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution. Shodan: title:"VMware Aria Operations" Fofa: app="vmware-Aria"

Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution.

Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure.

VMware存在代码注入漏洞。此漏洞是由于pdfexport对于onwebkitanimationstart参数缺乏验证导致的。