Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware aria operations vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2023-20890
Aria Operations for Networks contains an arbitrary file write vulnerability. An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution.
Vmware Aria Operations For Networks
9.8
CVSSv3
CVE-2023-20864
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
Vmware Cloud Foundation
Vmware Aria Operations For Logs
7.2
CVSSv3
CVE-2023-20865
VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root.
Vmware Aria Operations For Logs
Vmware Cloud Foundation
6.7
CVSSv3
CVE-2023-20879
VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system.
Vmware Cloud Foundation
Vmware Vrealize Operations 8.10.0
Vmware Vrealize Operations 8.6.0
7.2
CVSSv3
CVE-2023-20878
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system.
Vmware Cloud Foundation
Vmware Vrealize Operations 8.10.0
Vmware Vrealize Operations 8.6.0
8.8
CVSSv3
CVE-2023-20877
VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.
Vmware Cloud Foundation
Vmware Vrealize Operations 8.10.0
Vmware Vrealize Operations 8.6.0
4.9
CVSSv3
CVE-2022-31682
VMware Aria Operations contains an arbitrary file read vulnerability. A malicious actor with administrative privileges may be able to read arbitrary files containing sensitive data.
Vmware Vrealize Operations
9.8
CVSSv3
CVE-2023-20887
Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution.
Vmware Vrealize Network Insight
1 Metasploit module
4 Github repositories
1 Article
7.5
CVSSv3
CVE-2023-20889
Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure.
Vmware Vrealize Network Insight
1 Article
8.8
CVSSv3
CVE-2023-20888
Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote cod...
Vmware Vrealize Network Insight
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »