Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2023-20865

VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root.

  • Published: Apr 20, 2023
  • Updated: May 3, 2023
  • CVE: CVE-2023-20865
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.2
  • AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWEs:

OWASP TOP 10:

Software From Fixed in
vmware / aria_operations_for_logs 8.6.0 8.12.0
vmware / cloud_foundation 4.0 4.5.x