CVE-2024-22238

Summary

Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization.

Affected Software

VendorProductVersion RangeStatus
n/aVMware Aria Operations for NetworksVMware Aria Operations for Networks 6.xaffected

Weaknesses

  • Cross Site Scripting Vulnerability

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References