cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-20890,https://securityvulnerability.io/vulnerability/CVE-2023-20890,Arbitrary File Write Vulnerability in VMware Aria Operations for Networks,"VMware Aria Operations for Networks has a vulnerability that enables an authenticated attacker with administrative privileges to write files to any location on the system. This flaw can lead to unauthorized remote code execution, posing significant security risks. Proper measures are advised to mitigate exposure and protect against potential exploitation.",Vmware,Aria Operations For Networks,7.2,HIGH,0.001560000004246831,false,false,false,false,,false,false,2023-08-29T18:15:00.000Z,0
CVE-2023-34039,https://securityvulnerability.io/vulnerability/CVE-2023-34039,Authentication Bypass in Aria Operations for Networks by VMware,"Aria Operations for Networks faces a significant vulnerability that allows malicious actors with network access to bypass SSH authentication. This is primarily due to the absence of unique cryptographic key generation, which could potentially enable unauthorized access to the command line interface. Organizations utilizing this product are urged to implement immediate security measures to mitigate the risk of exploitation.",Vmware,Aria Operations for Networks,9.8,CRITICAL,0.9588299989700317,false,true,false,true,true,false,false,2023-08-29T18:15:00.000Z,0
CVE-2023-20888,https://securityvulnerability.io/vulnerability/CVE-2023-20888,Authenticated Deserialization Vulnerability in VMware Aria Operations for Networks,"VMware Aria Operations for Networks is impacted by an authenticated deserialization vulnerability that allows attackers with valid 'member' role credentials and network access to execute arbitrary code remotely. This vulnerability poses a significant risk as it can enable unauthorized control over affected systems, facilitating further exploitation. Organizations utilizing this product should take immediate steps to assess their exposure and remediate the issue as advised in VMware's security advisory.",Vmware,Aria Operations For Networks (formerly Vrealize Network Insight),8.8,HIGH,0.19822999835014343,false,true,false,false,,false,false,2023-06-07T15:15:00.000Z,0
CVE-2023-20889,https://securityvulnerability.io/vulnerability/CVE-2023-20889,Information Disclosure Vulnerability in VMware Aria Operations for Networks,"An information disclosure vulnerability exists within VMware Aria Operations for Networks, allowing a malicious actor with network access to exploit the system by executing command injection attacks. Successful exploitation can result in the unintentional exposure of sensitive information. It is crucial for organizations using this product to apply the necessary security patches and remain vigilant against potential network threats.",Vmware,Aria Operations For Networks (formerly Vrealize Network Insight),7.5,HIGH,0.24718999862670898,false,false,false,false,,false,false,2023-06-07T15:15:00.000Z,0
CVE-2023-20887,https://securityvulnerability.io/vulnerability/CVE-2023-20887,Command Injection Vulnerability in VMware Aria Operations for Networks,"VMware Aria Operations for Networks is affected by a command injection vulnerability that potentially allows a malicious actor with network access to execute arbitrary commands on the server. This flaw could lead to unauthorized actions and data exposure, underscoring the necessity for prompt patching. Organizations using this product should prioritize vulnerability assessments and implement protective measures to mitigate possible exploitation scenarios.",Vmware,Aria Operations for Networks (Formerly vRealize Network Insight),9.8,CRITICAL,0.9720600247383118,true,true,false,true,true,false,false,2023-06-07T15:15:00.000Z,0