A Critical Vulnerability uncovered in VMware Aria Operations for Networks
A Critical Vulnerability uncovered in VMware Aria Operations for Networks
Threat Level
Vulnerability Report
For a detailed threat advisory, download the pdf file here
Summary
Two vulnerabilities have been discovered in VMware Aria Operations for Networks (formerly vRealize Network Insight). The first vulnerability, CVE-2023-34039, is an authentication bypass that allows attackers to access the network CLI. The other vulnerability, CVE-2023-20890, enables remote code execution through arbitrary file write.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.