all InfoSec news
A Vulnerability in VMware Aria Operations for Networks Could Allow for Remote Code Execution
Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org
A vulnerability has been discovered VMware Aria Operations for Networks which could allow for remote code execution. VMware Aria Operations for Networks is a network monitoring tool that collects and analyzes metrics, APIs, configurations, metadata, integrations, telemetry netflow, sFlow, and IPFIX flow traffic, which traverses the infrastructure. Successful exploitation of this vulnerability could allow for remote code execution in the context of the administrator account. An attacker could then install programs; view, change, or delete data; or create new accounts …
a network apis aria aria operations for networks code code execution flow integrations metadata metrics monitoring monitoring tool network network monitoring networks operations remote code remote code execution telemetry tool traffic vmware vulnerability