CVE-2023-20865
published 2023-04-20CVE-2023-20865: VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs…
high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vmware | aria_operations_for_logs | >= 8.6.0 < 8.12.0 | 8.12.0 |
| vmware | cloud_foundation | 4.0 – 4.5 | — |