On Thursday, VMware issued urgent fixes for serious security flaws in the VMware Aria Operations for Logs product line (formerly known as vRealize Log Insight). The company also warned that the flaws could allow pre-authentication remote root attacks.

VMware's critical-severity advisory details two distinct vulnerabilities in VMware Aria Operations for Logs (CVE-2023-20864 and CVE-2023-20865) and offers guidance to help organizations mitigate them.
CVE-2023-20864 (CVSS Score: 9.8): Deserialization Vulnerability
VMware Aria Operations for Logs contains a deserialization vulnerability that can be exploited by unauthenticated attackers. An unauthenticated attacker with network access to VMware Aria Operations for Logs could execute arbitrary code as root, compromising both the security and the integrity of the system.
VMware has fixed this vulnerability in Aria Operations for Logs version 8.12. No workarounds for this vulnerability are known at this time, so upgrading is the remediation.
CVE-2023-20865 (CVSS Score: 7.2): Command Injection Vulnerability
VMware Aria Operations for Logs also contains a command injection vulnerability that can be exploited by attackers who already hold administrative privileges. An attacker with administrative access can execute arbitrary commands as root, which could lead to unauthorized access to sensitive data or damage to the system.
VMware has fixed this vulnerability in Aria Operations for Logs version 8.12 as well, reducing the risk it poses. No workarounds for this vulnerability are known at this time.
VMware has addressed both CVE-2023-20864 and CVE-2023-20865 in Aria Operations for Logs version 8.12, released in response to these findings. Users are strongly urged to upgrade to this version as soon as possible to protect their systems and data from exploitation.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.