Known vulnerabilities in VMware, Inc Aria Automation (formerly vRealize Automation)

[]

Known vulnerabilities in VMware, Inc Aria Automation (formerly vRealize Automation)

Vendor: VMware, Inc

Website: https://www.vmware.com

Total Security Bulletins: 16

Security bulletins (16)

Secuity bulletin	Severity	Status	Published
SB2025051243: DOM-based XSS in VMware Aria	Low	Patched	12.05.2025
SB2025010838: SSRF in VMware Aria Automation	Medium	Patched	08.01.2025
SB2024071217: SQL injection in VMware Aria Automation	Medium	Patched	12.07.2024
SB2024011612: Improper access control in VMware Aria Automation	High	Patched	16.01.2024
SB2023022180: XXE in VMware vRealize	Medium	Patched	21.02.2023
SB2022080257: Multiple vulnerabilities in VMware vRealize Automation	Medium	Patched	02.08.2022
SB2022080229: Authentication bypass in VMware Workspace ONE Access, Identity Manager and vRealize Automation	Critical	Patched	02.08.2022
SB2022051838: Multiple vulnerabilities in several VMWare products	High	Patched Public exploit	18.05.2022
SB2022040614: Multiple vulnerabilities in VMware vRealize Automation	High	Patched Exploited	06.04.2022
SB2021122003: SSRF in vRealize Automation	Low	Patched	20.12.2021
SB2021121323: Remote code execution in VMware vRealize Automation (Apache Log4j component)	Critical	Not patched Exploited	13.12.2021
SB2021080528: SSRF in VMware vRealize Automation	High	Not patched	05.08.2021
SB2018081506: Information disclosure in VMware Virtual Appliances	Low	Not patched	15.08.2018
SB2018041302: Multiple vulnerabilities in VMware vRealize Automation	Low	Patched	13.04.2018
SB2016122905: XML External Entity injection in VMware, vRealize Automation	High	Patched	29.12.2016
SB2016082401: Two vulnerabilities in VMware Identity Manager and vRealize Automation	High	Patched	24.08.2016