Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2023-20864

VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.

  • Published: Apr 20, 2023
  • Updated: May 3, 2023
  • CVE: CVE-2023-20864
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

OWASP TOP 10:

Software From Fixed in
vmware / cloud_foundation 4.0 4.5.x
vmware / aria_operations_for_logs 8.10.2 8.12.0