Home › Vendors › Vmware › Vrealize OrchestratorVmware Vrealize Orchestrator — known CVE vulnerabilities Every CVE whose affected-product data names Vmware Vrealize Orchestrator, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3) CVE-2023-20855 — CVSS 8.8 (high) : VMware vRealize Orchestrator contains an XML External Entity (XXE) vulnerability. A malicious actor, with non-administrative access to…CVE-2015-6934 — CVSS 7.3 (high) : Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations…CVE-2021-22036 — CVSS 6.5 (medium) : VMware vRealize Orchestrator ((8.x prior to 8.6) contains an open redirect vulnerability due to improper path handling. A malicious actor…