Vulnerability Details CVE-2023-20888
Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.9
EPSS Ranking 99.6%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2023-20888
-
cpe:2.3:a:vmware:vrealize_network_insight:6.2.0
-
cpe:2.3:a:vmware:vrealize_network_insight:6.3.0
-
cpe:2.3:a:vmware:vrealize_network_insight:6.4.0
-
cpe:2.3:a:vmware:vrealize_network_insight:6.5.1
-
cpe:2.3:a:vmware:vrealize_network_insight:6.6.0
-
cpe:2.3:a:vmware:vrealize_network_insight:6.7.0