HIGH🇬🇧 English

CVE-2023-20890

CVSS 7.2v3.1pub. 2023-08-29upd. 2024-11-21

Aria Operations for Networks contains an arbitrary file write vulnerability. An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • VMware Aria Operations For Networks

    APP
    Vmware
    6.2.0 – 6.11.0 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEPath Traversal
CWE
Referencje

Powiązane podatności

CVE-2023-20887CRITICAL9.8⚠ KEVten sam produkt

Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access...

CVE-2023-34039CRITICAL9.8ten sam produkt

Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptogra...

CVE-2024-22237HIGH7.8ten sam produkt

Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access t...

CVE-2024-22238MEDIUM6.4ten sam produkt

Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privi...

CVE-2024-22239MEDIUM5.3ten sam produkt

Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access t...

CVE-2023-20890 — HIGH 7.2 | CVEbaza.pl