QID 378439
Date Published: 2023-04-26
QID 378439: VMware Aria Operations for Logs Multiple Security Vulnerabilities (VMSA-2023-0007)
VMware has patched two vulnerabilities in VMware Aria Operations for Logs, formerly known as vRealize Log Insight.
VMware Aria Operations for Logs contains a Deserialization Vulnerability, where an unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root. (CVE-2023-20864)
VMware Aria Operations for Logs contains a Command Injection Vulnerability, where a malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root. (CVE-2023-20865)
Affected Versions:
VMware Aria Operations for Logs versions 8.6.x, 8.8.x, 8.10, 8.10.2.
QID Detection Logic (Authenticated):
This QID checks for vulnerable versions of VMware Aria Operations for Logs Automation by fetching the version from /opt/vmware/etc/appliance-manifest.xml.
Successful exploitation of these vulnerabilities may allow an attacker to perform command injection and/or exploit the deserialization vulnerability.
- VMSA-2023-0007: www.vmware.com/security/advisories/VMSA-2023-0007.html
CVEs related to QID 378439
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| VMSA-2023-0007 | | | |