PT-2023-7460 · Vmware · Vmware Vrealize Operations
Thiscodecc
·
Published
2023-01-31
·
Updated
2023-02-08
·
CVE-2023-20856
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
VMware vRealize Operations (vROps) (affected versions not specified)
Description
The issue is related to insufficient authentication of executed requests in the vRealize Operations (vROps) tool, allowing a remote attacker to perform a CSRF attack. This could enable a malicious user to execute actions on the vROps platform on behalf of an authenticated victim user.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vmware Vrealize Operations