CVE-2023-20879

6.7MEDIUM

Key Information:

Vendor: Vmware
Status: VMware Aria Operations (formerly vRealize Operations)
Vendor: CVE Published:; 12 May 2023

Summary

VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system.

Affected Version(s)

VMware Aria Operations (formerly vRealize Operations) VMware Aria Operations prior to 8.12

References

https://www.vmware.com/security/advisories/VMSA-2023-0009...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 12, 2023
Vulnerability Reserved
Nov 1, 2022