VMwareVMSA-2023-0009VMware Aria Operations update addresses multiple Local Privilege Escalations and a Deserialization issue (CVE-2023-20877, CVE-2023-20878, CVE-2023-20879, CVE-2023-20880)
3a. VMware Aria Operations Privilege Escalation Vulnerability (CVE-2023-20877)
VMware Aria Operations contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.8.
3b. VMware Aria Operations Deserialization Vulnerability (CVE-2023-20878)
VMware Aria Operations contains a deserialization vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.6.
3c. VMware Aria Operations Local Privilege Escalation Vulnerability (CVE-2023-20879)
VMware Aria Operations contains multiple Local Privilege Escalation vulnerabilities. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.7.
3d. VMware Aria Operations Local Privilege Escalation Vulnerability (CVE-2023-20880)
VMware Aria Operations contains a local privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.4.
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20877
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20878
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20879
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20880
kb.vmware.com/s/article/91850
kb.vmware.com/s/article/91852
kb.vmware.com/s/article/92148
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Related
