Vulnerabilities > Vmware > Vrealize Network Insight > 6.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-07 | CVE-2023-20887 | Command Injection vulnerability in VMWare Vrealize Network Insight Aria Operations for Networks contains a command injection vulnerability. | 9.8 |
| 2023-06-07 | CVE-2023-20888 | Deserialization of Untrusted Data vulnerability in VMWare Vrealize Network Insight Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution. | 8.8 |
| 2023-06-07 | CVE-2023-20889 | Command Injection vulnerability in VMWare Vrealize Network Insight Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure. | 7.5 |
| 2022-12-14 | CVE-2022-31702 | Command Injection vulnerability in VMWare Vrealize Network Insight vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API. | 9.8 |