Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2023-20888

CWE-502 — Deserialization of Untrusted Data6 documents6 sources

Severity

8.8HIGH

EPSS

89.3%

top 0.46%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Vmware Vrealize Network Insight

Timeline

PublishedJun 7

Latest updateJul 6

Description

Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5aria_operations_for_networks_(formerly_vrealize_network_insight)Aria Operations for Networks (Formerly vRealize Network Insight) 6.x

▶NVDvmware/vrealize_network_insight6.2.0 — 6.10.0

Patches

Patch: www.vmware.com ↗Patch: www.vmware.com ↗

🔴Vulnerability Details

GHSA

GHSA-pv9w-3hhv-xhxr: Aria Operations for Networks contains an authenticated deserialization vulnerability↗2023-07-06

▶

CVEList

CVE-2023-20888: Aria Operations for Networks contains an authenticated deserialization vulnerability↗2023-06-07

▶

💥Exploits & PoCs

Nuclei

VMware Aria Operations for Networks - Remote Code Execution

▶

🔍Detection Rules

Suricata

ET EXPLOIT VMware Aria Operations for Networks RCE Attempt (CVE-2023-20887)↗2023-06-21

▶

📋Vendor Advisories

VMware

VMware Aria Operations for Networks updates address multiple vulnerabilities. (CVE-2023-20887, CVE-2023-20888, CVE-2023-20889)↗2023-06-07

▶