Lucene search
+L

6 matches found

Tenable Nessus
Tenable Nessus
added 2023/06/15 12:0 a.m.38 views

VMWare Aria Operations for Networks Multiple Vulnerabilities (VMSA-2023-0012)

According to its self-reported version, the instance of VMWare Aria Operations for Networks running on the remote web server is 6.x 6.2.0.1684162127, 6.3.x 6.3.0.1684163738, 6.4.x 6.4.0.1684166601, 6.5.x 6.5.1.1684151627, 6.6.x 6.6.0.1684154516, 6.7.x 6.7.0.1684151941, 6.8.x 6.8.0.1684995353, 6.9...

9.8CVSS9AI score0.98281EPSS
Exploits7References6
The Hacker News
The Hacker News
added 2023/06/08 5:18 a.m.6 views

Urgent Security Updates: Cisco and VMware Address Critical Vulnerabilities

VMware has released security updates to fix a trio of flaws in Aria Operations for Networks that could result in information disclosure and remote code execution. The most critical of the three vulnerabilities is a command injection vulnerability tracked as CVE-2023-20887 CVSS score: 9.8 that cou...

9.8CVSS8.8AI score0.98281EPSS
Exploits12
NVD
NVD
added 2023/06/07 3:15 p.m.25 views

CVE-2023-20889

Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure...

7.5CVSS7.5AI score0.79258EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/06/07 2:20 p.m.13 views

CVE-2023-20889

Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure...

7.5AI score0.79258EPSS
Exploits0References1
CVE
CVE
added 2023/06/07 2:20 p.m.205 views

CVE-2023-20889

VMware Aria Operations for Networks (formerly vRealize Network Insight) is affected by CVE-2023-20889, a network-exposed information-disclosure vulnerability caused by an information-disclosing command-injection flaw in the application layer. The issue can be exploited by a remote attacker with n...

7.5CVSS8.3AI score0.79258EPSS
In wildExploits0References1Affected Software1
VMware
VMware
added 2023/06/07 12:0 a.m.42 views

VMware Aria Operations for Networks updates address multiple vulnerabilities. (CVE-2023-20887, CVE-2023-20888, CVE-2023-20889)

3a. Aria Operations for Networks Command Injection Vulnerability CVE-2023-20887 Aria Operations for Networks contains a command injection vulnerability. VMware has evaluated the severity of this issue to be in the critical severity range with a maximum CVSSv3 base score of 9.8. 3b. Aria Operation...

7.5CVSS7.3AI score0.98281EPSS
Exploits7References7Affected Software1
Rows per page
Query Builder