Lucene search

CVE-2023-20855

🗓️ 22 Feb 2023 00:11:15Reported by vmwareType

VMware vRealize Orchestrator XML External Entity (XXE) vulnerabilit

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
Vulnrichment	CVE-2023-20855	21 Feb 202300:00	–	vulnrichment
Cvelist	CVE-2023-20855	21 Feb 202300:00	–	cvelist
NVD	CVE-2023-20855	22 Feb 202300:15	–	nvd
Prion	Xxe	22 Feb 202300:15	–	prion
VMware	VMSA-2023-0005:VMware vRealize Orchestrator update addresses an XML External Entity (XXE) vulnerability	19 Feb 202300:00	–	vmware
Tenable Nessus	VMware vCenter / vRealize Orchestrator 8.x < 8.11.1 XXE (VMSA-2023-0005)	24 Feb 202300:00	–	nessus
The Hacker News	VMware Patches Critical Vulnerability in Carbon Black App Control Product	22 Feb 202304:55	–	thn

Nvd

Node

vmware vrealize_automationRange8.0–8.11.1

vmware vrealize_orchestratorRange8.0–8.11.1

[
  {
    "vendor": "n/a",
    "product": "VMware vRealize Orchestrator, VMware vRealize Automation, VMware Cloud Foundation",
    "versions": [
      {
        "version": "VMware vRealize Orchestrator 8.x",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vmware	www.vmware.com/security/advisories/VMSA-2023-0005.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 Feb 2023 00:15Current

8.7High risk

Vulners AI Score8.7

CVSS38.8

EPSS0.00088

SSVC

CWE-611