Vmware · Vmware Aria Operations For Logs · CVE-2023-20865
**Name of the Vulnerable Software and Affected Versions**
VMware Aria Operations for Logs (affected versions not specified)
**Description**
The issue is related to a command injection vulnerability in VMware Aria Operations for Logs. A malicious actor with administrative privileges can execute arbitrary commands as root. This can be achieved by exploiting the lack of proper neutralization of special elements used in the OS command.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.