What is VMware Aria Operations for Networks?
VMware Aria Operations for Networks, formerly known as vRealize Network Insight, a network monitoring tool that monitors and analyzes networks across multiple clouds.
What is the Attack?
CVE-2023-20887 is a command injection vulnerability in Aria Operations for Networks that allows an unauthenticated attacker with network access to achieve remote code execution.
The vulnerability has a CVSS base score of 9.8 and is rated critical by VMware.
Why is this Significant?
This is significant because proof-of-concept (PoC) code is publicly available for CVE-2023-20887, which VMware has confirmed is being exploited in the wild. As such, attacks that leverage the vulnerability are expected to increase.
FortiGuard Labs advises that the patch should be applied as soon as possible.
What is the Vendor Solution?
VMware released a patch for CVE-2023-20887 on June 7th, 2023.
For details, please refer to the link “VMSA-2023-0012.2 ” to in the Appendix.
What FortiGuard Coverage is available?
FortiGuard Labs has released a new IPS signature “VMware.Aria.Operations.CVE-2023-20887.Command.Injection” in version 24.588.
More Stories
ZDI-CAN-25373: Microsoft
A CVSS score 7.0 AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus - Trend Micro Zero Day Initiative' was reported to...
DSA-5774-1 ruby-saml – security update
It was discovered that ruby-saml, a SAML library implementing the client side of a SAML authorization, does not properly verify...
USN-6968-2: PostgreSQL vulnerability
USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16 This update provides the corresponding updates for PostgreSQL-9.5 in Ubuntu 16.04 LTS....
USN-7015-2: Python vulnerabilities
USN-7015-1 fixed several vulnerabilities in Python. This update provides one of the corresponding updates for python2.7 for Ubuntu 16.04 LTS,...
USN-7027-1: Emacs vulnerabilities
It was discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands....
USN-7024-1: tgt vulnerability
It was discovered that tgt attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1,...