Warning: Multiple vulnerabilities in VMware Aria Operations for Networks.
- CVE-2023-20887
- CVE-2023-20888
- CVE-2023-20889
Sources
VMware - https://www.vmware.com/security/advisories/VMSA-2023-0012.html
Risks
All three vulnerabilities have a HIGH impact on Confidentiality, Integrity, and Availability. Authentication and user interaction are not required to exploit this vulnerability.
Description
CVE-2023-20887: Command Injection Vulnerability
A malicious actor with network access to VMware Aria Operations for Networks can perform a command injection attack resulting in remote code execution.
CVE-2023-20888: Authenticated Deserialization Vulnerability
A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials can perform a deserialization attack resulting in remote code execution.
CVE-2023-20889: Information Disclosure Vulnerability
A malicious actor with network access to VMware Aria Operations for Networks can perform a command injection attack resulting in information disclosure.
Recommended Actions
The Centre for Cyber Security Belgium strongly recommends that system administrators visit VMware's download page to apply the necessary patches.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-20887
https://nvd.nist.gov/vuln/detail/CVE-2023-20888
https://nvd.nist.gov/vuln/detail/CVE-2023-20889