Lucene search
HistoryMay 12, 2023 - 9:15 p.m.
CVE-2023-20880
vmware
aria operations
privilege escalation
vulnerability
administrative access
local system
root
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to ‘root’.
Affected configurations
Node
vmwarearia_operationsRange8.6.0–8.12.0
ORvmwarecloud_foundationRange4.0–4.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| vmware | aria_operations | * | cpe:2.3:a:vmware:aria_operations:*:*:*:*:*:*:*:* |
| vmware | cloud_foundation | * | cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2023-20880
2023-05-12 21:15:09
prion
prion
Privilege escalation
2023-05-12 21:15:00
cvelist
cvelist
CVE-2023-20880
2023-05-12 00:00:00
vmware
vmware
nessus
nessus
VMware vRealize Operations Multiple Vulnerabilities (VMSA-2023-0009)
2023-05-18 00:00:00
CVSS3
6.7
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2023-20880