VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887)

CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being exploited in the wild. There are no workarounds to mitigate the risk of exploitation – enterprise admins are advised to upgrade their deployments with patches. CVE-2023-20887 exploited CVE-2023-20887 is one of three vulnerabilities recently discovered by Sina Kheirkhah of Summoning Team and an anonymous researcher and privately reported to VMware. “A malicious actor with network … More →

The post …

aria aria operations for networks authentication command command injection cve cve-2023-20887 don't miss enterprise exploitation exploited greynoise hot stuff injection insight network networks operations patch patches risk upgrade vmware vrealize vulnerability vulnerability exploited