PT-2023-4617 · Vmware · Vmware Aria Operations For Networks
Sinsinology
·
Published
2023-08-29
·
Updated
2023-09-08
·
CVE-2023-20890
CVSS v2.0
8.3
High
| Vector | AV:N/AC:L/Au:M/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
VMware Aria Operations for Networks (affected versions not specified)
Description
The issue is related to an arbitrary file write vulnerability in VMware Aria Operations for Networks. This vulnerability can be exploited by an authenticated malicious actor with administrative access, allowing them to write files to arbitrary locations, resulting in remote code execution.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Path traversal
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Vmware Aria Operations For Networks