VMWare Aria Operations for Networks Multiple Vulnerabilities
RISK: Extremely High Risk
TYPE: Operating Systems - VM Ware
Multiple vulnerabilities were identified in VMWare Aria Operations for Networks. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and sensitive information disclosure on the targeted system.
CVE-2023-20887 is being exploited in the wild. Unauthenticated threat actors can exploit this command injection flaw in low-complexity attacks that don't require user interaction.
[Updated on 2023-06-21]
Updated Risk Level.
- Remote Code Execution
- Information Disclosure
System / Technologies affected
- VMware Aria Operations for Networks 6.x (Formerly vRealize Network Insight)
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor: