CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-20890
https://notcve.org/view.php?id=CVE-2023-20890
Aria Operations for Networks contains an arbitrary file write vulnerability. An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution. • https://www.vmware.com/security/advisories/VMSA-2023-0018.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 94%CPEs: 1EXPL: 7CVE-2023-34039 – VMWare Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure
https://notcve.org/view.php?id=CVE-2023-34039
Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI. VMWare Aria Operations for Networks (vRealize Network Insight) versions 6.0.0 through 6.10.0 do not randomize the SSH keys on virtual machine initialization. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "support" (root) user. • https://github.com/Cyb3rEnthusiast/CVE-2023-34039 https://github.com/CharonDefalt/CVE-2023-34039 https://github.com/sinsinology/CVE-2023-34039 https://github.com/syedhafiz1234/CVE-2023-34039 https://github.com/adminxb/CVE-2023-34039 http://packetstormsecurity.com/files/174452/VMWare-Aria-Operations-For-Networks-Remote-Code-Execution.html http://packetstormsecurity.com/files/175320/VMWare-Aria-Operations-For-Networks-SSH-Private-Key-Exposure.html https://www.vmware.com/security/advisories/VMSA-2023-0018.h • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.8EPSS: 97%CPEs: 1EXPL: 5CVE-2023-20887 – Vmware Aria Operations for Networks Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2023-20887
Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution. This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Aria Operations for Networks. Authentication is not required to exploit this vulnerability. The specific flaw exists within the createSupportBundle method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. • https://github.com/sinsinology/CVE-2023-20887 https://github.com/miko550/CVE-2023-20887 https://github.com/Malwareman007/CVE-2023-20887 http://packetstormsecurity.com/files/173761/VMWare-Aria-Operations-For-Networks-Remote-Command-Execution.html https://www.vmware.com/security/advisories/VMSA-2023-0012.html https://summoning.team/blog/vmware-vrealize-network-insight-rce-cve-2023-20887 https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/vmware_vrni_rce_cve_2023_20 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •