Anyone can hack VMware Aria Log operations servers using these vulnerabilities

On Thursday, the company issued hotfixes to resolve serious security flaws in the VMware Aria Log Operations (originally known as vRealize Log Insight) product line. In addition, the company issued a warning about the possibility of pre-authentication remote root attacks. VMware has issued a critical level advisory detailing two different vulnerabilities in the VMware Aria Operations package (CVE-2023-20864 and CVE-2023-20865) and providing suggestions to help organizations mitigate the concerns.

CVE-2023-20864 (CVSS score: 9.8): deserialization vulnerability
A deserialization vulnerability exists in VMware Aria Operations for Logs and this vulnerability could be exploited by unauthenticated hostile actors. An unauthenticated attacker could possibly execute arbitrary code as root if they had access to the VMware Aria Operations for Logs network. This would compromise the security of the system as well as its integrity.

Aria Operations for Logs version 8.12 has VMware’s fix for this issue, ensuring that the vulnerability has been successfully patched. VMware has released this version. This vulnerability has no known fixes at this time.

CVE-2023-20865, also known as a command injection vulnerability, has a CVSS score of 7.2.
A command injection vulnerability was found in VMware Aria Operations for Logs, and it is possible that hostile actors with administrator rights could exploit this issue. An adversary that has administrative rights has the ability to execute arbitrary commands as root, which could result in the adversary gaining unauthorized access to sensitive data or causing system damage.

In version 8.12 of Aria Operations for Logs, VMware has implemented a fix for this issue, thus reducing the risk provided by the vulnerability in question. This vulnerability has no known fixes at this time.

VMware has addressed both CVE-2023-20864 and CVE-2023-20865 in the latest version of Aria Operations, which was released in reaction to these discoveries and is available as Aria Operations version 8.12. Users of the program are strongly recommended to upgrade to this version as soon as possible to protect their computer systems and data from being exploited.

He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He has also worked for security companies such as Kaspersky Lab. His daily work includes investigating new malware and cybersecurity incidents. He also has a deep level of knowledge in mobile security and mobile vulnerabilities.

Send news tips to [email protected] or www.instagram.com/iicsorg/

You can also find us on Telegram www.t.me/noticiasciberseguridad