cbcvebase.
CVE-2023-20864
published 2023-04-20

CVE-2023-20864: VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for…

critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.

Affected

2 ranges
VendorProductVersion rangeFixed in
vmwarearia_operations_for_logs>= 8.10.2 < 8.12.08.12.0
vmwarecloud_foundation4.0 – 4.5