all InfoSec news
Multiple Vulnerabilities in VMware Aria Operations for Networks Could Allow for Remote Code Execution
Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org
Multiple vulnerabilities have been discovered within VMware Aria Operations for Networks, the most severe of which could allow for remote code execution. VMware Aria Operations for Networks is a network monitoring tool that collects and analyzes metrics, APIs, configurations, metadata, integrations, telemetry netflow, sFlow, and IPFIX flow traffic, which traverses the infrastructure. Successful exploitation of these vulnerabilities could allow for remote code execution in the context of the administrator account. An attacker could then install programs; view, change, or delete …
a network apis aria aria operations for networks code code execution integrations metadata metrics monitoring monitoring tool network network monitoring networks operations remote code remote code execution telemetry tool vmware vmware aria operations for networks vulnerabilities