CVE-2023-20889
7.5HIGH
Key Information
- Vendor
- Vmware
- Status
- Aria Operations for Networks (Formerly vRealize Network Insight)
- Vendor
- CVE Published:
- 7 June 2023
Summary
Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure.
Affected Version(s)
Aria Operations for Networks (Formerly vRealize Network Insight) = Aria Operations for Networks (Formerly vRealize Network Insight) 6.x
EPSS Score
18% chance of being exploited in the next 30 days.
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database