Local Privilege Escalation Vulnerability in VMware Aria Operations
CVE-2023-20879

6.7MEDIUM

Key Information:

Vendor: Vmware
Status: Vmware Aria Operations (formerly Vrealize Operations)
Vendor: CVE Published:; 12 May 2023

Summary

VMware Aria Operations has a vulnerability that allows an attacker with administrative privileges to escalate their access to root level on the underlying operating system. This could potentially lead to unauthorized control over system resources and sensitive data, posing significant risks to system integrity and security.

Affected Version(s)

VMware Aria Operations (formerly vRealize Operations) VMware Aria Operations prior to 8.12

References

https://www.vmware.com/security/advisories/VMSA-2023-0009...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 12, 2023
Vulnerability Reserved
Nov 1, 2022