CVE-2024-22241

Summary

Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges can inject a malicious payload into the login banner and takeover the user account.  

Affected Software

VendorProductVersion RangeStatus
n/aVMware Aria Operations for NetworksVMware Aria Operations for Networks 6.xaffected

Weaknesses

  • Cross Site Scripting vulnerability

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References