⚠ Actively exploited
Added to CISA KEV on 2023-06-22. Federal agencies required to patch by 2023-07-13. Required action: Apply updates per vendor instructions..

CVE-2023-20887

CWE-77Command Injection11 documents10 sources
Severity
9.8CRITICAL
EPSS
94.3%
top 0.07%
CISA KEV
KEV
Added 2023-06-22
Due 2023-07-13
Exploit
Exploited in wild
Active exploitation observed
Affected products
1
Vmware Aria Operations FOR Networks
Timeline
PublishedJun 7
KEV addedJun 22
KEV dueJul 13
CISA Required Action: Apply updates per vendor instructions.

Description

Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5aria_operations_for_networks_(formerly_vrealize_network_insight)Aria Operations for Networks (Formerly vRealize Network Insight) 6.x
NVDvmware/aria_operations6.2.06.10.0

Patches

Patch: www.vmware.comPatch: www.vmware.com

🔴Vulnerability Details

3
CVEList
CVE-2023-20887: Aria Operations for Networks contains a command injection vulnerability2023-06-07
GHSA
GHSA-8vx8-r5j3-f2vf: Aria Operations for Networks contains a command injection vulnerability2023-06-07
VulnCheck
Vmware Aria Operations for Networks Command Injection Vulnerability2023

💥Exploits & PoCs

1
Nuclei
VMware VRealize Network Insight - Remote Code Execution

🔍Detection Rules

1
Suricata
ET EXPLOIT VMware Aria Operations for Networks RCE Attempt (CVE-2023-20887)2023-06-21

📋Vendor Advisories

2
CISA
Vmware Aria Operations for Networks Command Injection Vulnerability2023-06-22
VMware
VMware Aria Operations for Networks updates address multiple vulnerabilities. (CVE-2023-20887, CVE-2023-20888, CVE-2023-20889)2023-06-07
CVE-2023-20887 (CRITICAL CVSS 9.8) | Aria Operations for Networks contai | cvebase.io