İlgili açık sadece ARC (Application Remote Collector) appliance larını etkilemektedir.Bu appliance vRealize Operations ile birlikte Application Monitoring yapılmak istenmektedir.
| Advisory ID | VMSA-2020-0009 |
| Advisory Severity | Critical |
| CVSSv3 Range | 7.5 – 10.0 |
| Synopsis | VMware vRealize Operations Manager addresses Authentication Bypass and Directory Traversal vulnerabilities (CVE-2020-11651, CVE-2020-11652) |
| Issue Date | 2020-05-08 |
| Updated On | 2020-05-08 (Initial Advisory) |
| CVE(s) | CVE-2020-11651, CVE-2020-11652 |
VMware vRealize Operations Manager
VMware vRealize Operations Manager (vROps) addresses Authentication Bypass (CVE-2020-11651) and Directory Traversal (CVE-2020-11652) vulnerabilities.
| Product | Version | Running On | CVE Identifier | CVSSV3 | Severity | Fixed Version | Workarounds | Additional Documentation |
| vROps | 8.1.0 | Virtual Appliance | CVE-2020-11651, CVE-2020-11652 | 10.0 | Critical | Updates Pending | KB79031 | None |
| vROps | 8.0.x | Virtual Appliance | CVE-2020-11651, CVE-2020-11652 | 10.0 | Critical | Updates Pending | KB79031 | None |
| vROps | 7.5.0 | Virtual Appliance | CVE-2020-11651, CVE-2020-11652 | 10.0 | Critical | Updates Pending | KB79031 | None |
| vROps | 7.0.0 | Virtual Appliance | CVE-2020-11651, CVE-2020-11652 |
