VMware released several security patches today to address critical and high-severity vulnerabilities in VMware Aria Operations for Networks, allowing attackers to achieve remote execution or access sensitive information.

Previously known as vRealize Network Insight (vRNI), this network visibility and analysis tool helps administrators optimize network performance or manage and scale various VMware and Kubernetes deployments.

The most serious of the three security bugs fixed today is a command injection vulnerability identified as CVE-2023-20887, which unauthenticated hackers can exploit in low-complexity attacks that do not require user interaction. user.

“A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution”, Vmware said.

VMware today patched a second vulnerability that could lead to remote code execution on unpatched Aria Operations appliances, caused by an authenticated deserialization weakness identified as CVE-2023-20888.

Much like CVE-2023-20887, this also requires network access to the vulnerable appliance and valid “member” role credentials for a successful deserialization attack leading to remote code execution.

The third flaw, an information disclosure vulnerability identified as CVE-2023-20889, allows malicious actors to access sensitive information after a successful command injection attack.

No workaround available

WMware says no workaround is available to remove the attack vector, so administrators should patch all on-premises installations of VMware Aria Operations Networks 6.x to protect against attacks.

You can find the full list of security patches released to fix these flaws for all vulnerable versions of Aria Operations for Networks at VMware Customer Connect website.

On the same page, the company has shared the detailed steps of the procedure required to apply the patch bundles, which requires downloading the update patch file, downloading it while logged in as an administrator user. in the vRNI GUI and install it from Settings > Install. and Support > Overview and Updates.

In April, VMware also addressed a critical bug that allow attackers to run code as root in the vRealize Log Insight log analysis tool.

Months earlier, the Horizon3 attack team released proof-of-concept exploit code for another round of critical security vulnerabilities in the same VMware product corrected a week earlier.


Source link