VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
References
Link | Resource |
---|---|
https://www.vmware.com/security/advisories/VMSA-2023-0007.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2023-04-20 21:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-20864
Mitre link : CVE-2023-20864
CVE.ORG link : CVE-2023-20864
JSON object : View
Products Affected
vmware
- aria_operations_for_logs
- cloud_foundation
CWE
CWE-502
Deserialization of Untrusted Data