HIGH🇵🇱 Wersja polska

CVE-2023-20890

CVSS 7.2v3.1pub. 2023-08-29upd. 2024-11-21

Aria Operations for Networks contains an arbitrary file write vulnerability. An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • VMware Aria Operations For Networks

    APP
    Vmware
    6.2.0 – 6.11.0 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEPath Traversal
CWE
References

Related vulnerabilities

CVE-2023-20887CRITICAL9.8⚠ KEVten sam produkt

Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access...

CVE-2023-34039CRITICAL9.8ten sam produkt

Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptogra...

CVE-2024-22237HIGH7.8ten sam produkt

Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access t...

CVE-2024-22238MEDIUM6.4ten sam produkt

Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privi...

CVE-2024-22239MEDIUM5.3ten sam produkt

Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access t...