CVS 2023-20887

VMware Aria Operations for Networks Remote Code Execution Vulnerability (CVS 2023-20887) Notification

junho 20, 2023

Overview Recently, NSFOCUS CERT detected a remote code execution vulnerability in VMware Aria Operations for Networks. Due to a specific flaw in the createSupportBundle method, the string entered by the user is not properly validated when executing system calls. Unauthenticated remote attackers can exploit this vulnerability through command injection, ultimately enabling the execution of arbitrary […]


Inscreva-se no Blog da NSFOCUS