VMware has released security updates to fix three vulnerabilities in Aria Operations for Networks which could result in information disclosure and remote code execution.
The vulnerabilities were found in Aria Operations for Networks which was formerly known as vRealize Network Insight. Users of versions VMware Aria Operations for Networks 6.x are under advise to applying the patches listed in the VMware KB article about these vulnerabilities.
Before you download and apply the security patch for your Aria Operations for Network deployment, it is advised to perform clean up using steps mentioned in VMware KB 88977 to avoid issues with patch upgrade failing with “Insufficient disk space toast message.”
The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The CVEs patched in these updates are:
CVE-2023-20887 (CVSS score: 9.8 out of 10): Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution (RCE).
CVE-2023-20888 (CVSS score: 9.1 out of 10): Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid ‘member’ role credentials may be able to perform a deserialization attack resulting in remote code execution (RCE).
CVE-2023-20889 (CVSS score: 8.8 out of 10): Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure.
Command injection is an attack method that aims to execute arbitrary commands on a system. Typically, the threat actor injects the commands by exploiting an application vulnerability, such as insufficient input validation.
Deserialization is the process of extracting data from files, networks or streams and rebuilding the data as objects. Deserialization of user input is considered a security misconfiguration, and can have serious consequences.
VMware Aria Operations for Networks helps IT teams to monitor, discover, and analyze networks and applications to build an optimized, highly available and secure network infrastructure across clouds.
Virtualization technology has taken the scalability of IT systems to the next level. Cybercriminals are very much aware of that and have a vested interest in hypervisor software and network mapping tools, because they make it easier to control a host of virtual machines. Which is much more effective than attacking individual systems.
So, vulnerabilities in such software are guaranteed to be researched by malicious actors.
We don’t just report on vulnerabilities—we identify them, and prioritize action.
Cybersecurity risks should never spread beyond a headline. Keep vulnerabilities in tow by using Malwarebytes Vulnerability and Patch Management.