VMware has released security patches to address critical vulnerabilities in VMware Aria Operations for Networks. These vulnerabilities could allow attackers to gain remote code execution or access sensitive information.
Previously known as vRealize Network Insight (vRNI), this tool helps optimize network performance and manage VMware and Kubernetes deployments.
The most severe vulnerability fixed is a command injection flaw (CVE-2023-20887), which unauthenticated threat actors can exploit in low-complexity attacks without user interaction. A successful attack could result in remote code execution.
Another patched vulnerability (CVE-2023-20888) can lead to remote code execution on unpatched Aria Operations appliances, but exploiting it requires network access and valid credentials.
A third flaw (CVE-2023-20889) enables information disclosure following a command injection attack.
VMware advises administrators to patch all vulnerable installations of VMware Aria Operations for Networks 6.x to mitigate these vulnerabilities, as no workarounds are available. Detailed steps for applying the patch bundles can be found on VMware’s Customer Connect website.
In addition to these vulnerabilities, VMware had previously addressed a critical bug in the vRealize Log Insight tool that allowed attackers to run code as root.
The company continues to prioritize security by promptly addressing and patching critical security flaws in its products.