VMware plugs security holes in VMware Aria Operations for Logs (CVE-2023-20864, CVE-2023-20865)
VMware has fixed two vulnerabilities in VMware Aria Operations for Logs, a widely used cloud solution for log analysis and management.
CVE-2023-20864, a deserialization vulnerability, could be exploited by an unauthorized, malicious actor who has network access to VMware Aria Operations for Logs.
CVE-2023-20865 is a command injection vulnerability that allows a bad actor with administrative privileges in VMware Aria Operations for Logs to execute arbitrary commands as root.
"Because of the nature of the VMware Aria Operations for Logs product not being a public facing asset, we do not anticipate seeing widespread exploitation of this flaw," noted Satnam Narang, staff research engineer at Tenable.
"However, an attacker that gains a foothold into a network running a vulnerable version of VMware Aria Operations for Logs could utilize a flaw like this one as part of their post-compromise activity."
To plug these security holes, admins should update their VMware Aria Operations for Logs installations to version 8.12.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-04-20 | CVE-2023-20865 | Command Injection vulnerability in VMware Aria Operations for Logs and Cloud Foundation: VMware Aria Operations for Logs contains a command injection vulnerability. | 7.2 |
2023-04-20 | CVE-2023-20864 | Deserialization of Untrusted Data vulnerability in VMware Aria Operations for Logs and Cloud Foundation: VMware Aria Operations for Logs contains a deserialization vulnerability. | 9.8 |