Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Cloud Foundation Security Vulnerabilities - 2023

cve
cve

CVE-2023-20864

VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.

9.8CVSS

9.7AI Score

0.145EPSS

2023-04-20 09:15 PM
87
cve
cve

CVE-2023-20865

VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root.

7.2CVSS

8.9AI Score

0.001EPSS

2023-04-20 09:15 PM
69
cve
cve

CVE-2023-20877

VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.

8.8CVSS

8.9AI Score

0.001EPSS

2023-05-12 09:15 PM
44
cve
cve

CVE-2023-20878

VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system.

7.2CVSS

7.8AI Score

0.001EPSS

2023-05-12 09:15 PM
30
cve
cve

CVE-2023-20879

VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system.

6.7CVSS

7.3AI Score

0.0004EPSS

2023-05-12 09:15 PM
29
cve
cve

CVE-2023-20880

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.

6.7CVSS

7.3AI Score

0.0004EPSS

2023-05-12 09:15 PM
33
cve
cve

CVE-2023-20884

VMware Workspace ONE Access and VMware Identity Manager contain an insecure redirect vulnerability. An unauthenticated malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure.

6.1CVSS

5.9AI Score

0.0005EPSS

2023-05-30 04:15 PM
65
cve
cve

CVE-2023-34043

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.

6.7CVSS

6.8AI Score

0.0004EPSS

2023-09-27 03:18 PM
41