5 matches found
VMware vRealize Operations Multiple Vulnerabilities (VMSA-2023-0009)
The version of VMware vRealize Operations vROps running on the remote host is missing a vendor supplied patch. It is, therefore, affected by multiple vulnerabilities: - VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges c...
CVE-2023-20877
VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation...
Vulnerabilities fixed in VMWare Aria
VMWare has fixed vulnerabilities in Aria formerly: vRealize. A malicious party could exploit the vulnerabilities to execute arbitrary execute arbitrary commands as "root. For successful abuse, it is necessary that the malicious party already has elevated privileges has. The vulnerability with...
CVE-2023-20877
CVE-2023-20877 affects VMware Aria Operations. An authenticated user with ReadOnly privileges can lead to code execution and privilege escalation. Affected product: VMware Aria Operations (vRealize). CVSSv3.1: 8.8 (HIGH) with Network attack, low complexity, privileges required: LOW. Root cause an...
VMSA-2023-0009:VMware Aria Operations update addresses multiple Local Privilege Escalations and a Deserialization issue
Advisory ID: VMSA-2023-0009 CVSSv3 Range: 6.4-8.8 Issue Date:2023-05-11 Updated On: 2023-05-11 Initial Advisory CVEs: CVE-2023-20877, CVE-2023-20878, CVE-2023-20879, CVE-2023-20880 Synopsis: VMware Aria Operations update addresses multiple Local Privilege Escalations and a Deserialization issue...