QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2023-20888

Back to search

CVE-2023-20888

Published: Jun 7, 2023

Modified: Jan 7, 2025

PUBLISHED

Description

Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution.

VendorProductVersions

n/a

Aria Operations for Networks (Formerly vRealize Network Insight)

affected
Aria Operations for Networks (Formerly vRealize Network Insight) 6.x

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now