Detections
Analytics

CVE-2023-20890

high

Description

Aria Operations for Networks contains an arbitrary file write vulnerability. An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution.

References

https://www.vmware.com/security/advisories/VMSA-2023-0018.html

Details

Source: Mitre, NVD

Published: 2023-08-29

Updated: 2023-08-31

Risk Information

CVSS v2

Base Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:M/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.2

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Severity: High