VMware has fixed two critical (CVE-2023-20887, CVE-2023-20888) and one important vulnerability (CVE-2023-20889) in Aria Operations for Networks (formerly vRealize Network Insight), its popular enterprise network monitoring tool. About the vulnerabilities (CVE-2023-20887, CVE-2023-20888,CVE-2023-20889) CVE-2023-20887 is a pre-authentication command injection vulnerability that may allow a malicious actor with network access to VMware Aria Operations for Networks to perform a command injection attack and execute code remotely. “According to a tweet by researcher Y4er, CVE-2023-20887 is reportedly a … More
The post VMware fixes critical flaws in Aria Operations for Networks (CVE-2023-20887) appeared first on Help Net Security.