
Warning: Multiple vulnerabilities in VMware Aria Operations for Networks.

Reference: 
Advisory #2023-67
Version: 
1.0
Affected software: 
VMware Aria Operations for Networks version 6.x
Type: 
Remote Code Execution (RCE), information disclosure
CVE/CVSS: 
  • CVE-2023-20887
  • CVE-2023-20888
  • CVE-2023-20889

Sources

VMware - https://www.vmware.com/security/advisories/VMSA-2023-0012.html

Risks

All three vulnerabilities have a HIGH impact on Confidentiality, Integrity, and Availability. Authentication and user interaction are not required to exploit this vulnerability.

Description

CVE-2023-20887: Command Injection Vulnerability

A malicious actor with network access to VMware Aria Operations for Networks can perform a command injection attack resulting in remote code execution.

CVE-2023-20888: Authenticated Deserialization Vulnerability

A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials can perform a deserialization attack resulting in remote code execution.

CVE-2023-20889: Information Disclosure Vulnerability

A malicious actor with network access to VMware Aria Operations for Networks can perform a command injection attack resulting in information disclosure.

Recommended actions

The Centre for Cyber Security Belgium strongly recommends that system administrators visit VMware's download page and apply the necessary patches.

References

https://nvd.nist.gov/vuln/detail/CVE-2023-20887
https://nvd.nist.gov/vuln/detail/CVE-2023-20888
https://nvd.nist.gov/vuln/detail/CVE-2023-20889