Vmware Vrealize Network Insight vulnerabilities
3 known vulnerabilities affecting vmware/vrealize_network_insight.
Total CVEs
3
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2023-20888HIGHCVSS 8.8PoC≥ 6.2.0, ≤ 6.10.02023-06-07
CVE-2023-20888 [HIGH] CWE-502 CVE-2023-20888: Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious ac
Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution.
nvd
CVE-2023-20889HIGHCVSS 7.5PoC≥ 6.2.0, ≤ 6.10.02023-06-07
CVE-2023-20889 [HIGH] CWE-77 CVE-2023-20889: Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor wit
Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure.
nvd
CVE-2022-31702CRITICALCVSS 9.8v6.2.0v6.3.0+4 more2022-12-14
CVE-2022-31702 [CRITICAL] CWE-77 CVE-2022-31702: vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST
vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without authentication.
nvd