VMware Aria Operations for Networks Remote Code Execution Vulnerability (CVS 2023-20887) Notification
junho 20, 2023
Overview Recently, NSFOCUS CERT detected a remote code execution vulnerability in VMware Aria Operations for Networks. Due to a specific flaw in the createSupportBundle method, the string entered by the user is not properly validated when executing system calls. Unauthenticated remote attackers can exploit this vulnerability through command injection, ultimately enabling the execution of arbitrary […]