all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Command Injection Vulnerability in Aria Operations for Networks (CVE-2023-20887) Exploited in the Wild

Add to bookmarks
June 23, 2023, 3:22 p.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

What is VMware Aria Operations for Networks?



VMware Aria Operations for Networks, formerly known as vRealize Network Insight, a network monitoring tool that monitors and analyzes networks across multiple clouds.






What is the Attack?

CVE-2023-20887 is a command injection vulnerability in Aria Operations for Networks that allows an unauthenticated attacker with network access to achieve remote code execution.
The vulnerability has a CVSS base score of 9.8 and is rated critical by VMware.




Why is this Significant?



This is significant …

a network aria aria operations for networks attack clouds command command injection cve cve-2023-20887 exploited injection insight monitoring monitoring tool network network monitoring networks operations tool vmware vrealize vulnerability what is

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) 15 hours ago | fortiguard.fortinet.com
CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040) 1 day, 20 hours ago | fortiguard.fortinet.com
attackers attacks cisa cisa known exploited vulnerabilities +27
ArcaneDoor Attack (CVE-2024-20353 and CVE-2024-20359) 1 week ago | fortiguard.fortinet.com
adaptive security advisory april arcanedoor +22
Akira Ransomware Attack (CVE-2023-20269 and CVE-2020-3259) 1 week ago | fortiguard.fortinet.com
access advisory akira akira ransomware +17
PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 2 weeks, 2 days ago | fortiguard.fortinet.com
advisory attack code code injection +27
XZ Utils Supply Chain Attack (CVE-2024-3094) 4 weeks ago | fortiguard.fortinet.com
attack code compression cve +25
Nice Linear eMerge Command Injection Vulnerability (CVE-2019–7256) 1 month ago | fortiguard.fortinet.com
access attacker code code execution +25
Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897) 1 month ago | fortiguard.fortinet.com
access application application developers attackers +31
Kimsuky Malware Attack 1 month ago | fortiguard.fortinet.com
attack cyber entities espionage +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Associate Manager, BPT Infrastructure & Ops (Security Engineer)

@ SC Johnson | PHL - Makati
View on infosec-jobs.com

Cybersecurity Analyst - Project Bound

@ NextEra Energy | Jupiter, FL, US, 33478
View on infosec-jobs.com

Lead Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Junior Information Security Coordinator (Internship)

@ Garrison Technology | London, Waterloo, England, United Kingdom
View on infosec-jobs.com

Sr. Security Engineer

@ ScienceLogic | Reston, VA
View on infosec-jobs.com
View more jobs