This script is Copyright (C) 2016 Tenable Network Security, Inc.
A device management application running on the remote host is affected
by multiple vulnerabilities.
The VMware vRealize Automation application running on the remote host
is version 7.0.x prior to 7.1. It is, therefore, affected by the
following vulnerabilities :
- An unspecified flaw exists that allows a local attacker
to elevate privileges from a low-privileged account to
root access. (CVE-2016-5335)
- An unspecified flaw exists that allows an
unauthenticated, remote attacker to execute code and
thereby gain access to a low privilege account on the
device. No other details are available. (CVE-2016-5336)
See also :
Upgrade to VMware vRealize Automation version 7.1 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.5
Public Exploit Available : false