Multiple vulnerabilities have been discovered in VMware vRealize Operations, the most severe of which could result in Remote Code Execution. VMware vRealize Operations is an IT management platform which enables visibility, optimization and management of an organization’s physical, virtual and cloud infrastructure. This software comes within an API which enables developers to build vRealize Operations clients to communicate with the server over HTTP. Successful exploitation of the most severe of these vulnerabilities could allow the attacker to execute code in context of the application. Depending on the permission associated with the application running the exploit, an attacker could then install programs; view, change, or delete data

Read More