By Lerpong Intaraworrapath | June 15th ,2023
Critical severity
Impacted Products
Aria Operations for Networks (Formerly vRealize Network Insight)
CVE(s)
CVE-2023-20887, CVE-2023-20888, CVE-2023-20889
Synopsis
VMware Aria Operations for Networks updates address multiple vulnerabilities. (CVE-2023-20887, CVE-2023-20888, CVE-2023-20889)
Introduction
Multiple vulnerabilities in Aria Operations for Networks were privately reported to VMware. Patches are available to remediate these vulnerabilities in affected VMware products
Response Matrix
| Product | Version | Running On | CVE Identifier | CVSSv3 | Severity | Fixed Version | Workarounds | Additional Documentation |
| VMware Aria Operations Networks | 6.x | Any | CVE-2023-20887, CVE-2023-20888, CVE-2023-20889 | 9.8, 9.1, 8.8 | Critical | KB92684 | None | N/A |
References
Fixed Version(s) and Release Notes:
VMware Aria Operations for Networks 6.x HF: KB92684
Change Log
2023-06-07 VMSA-2023-0012
Initial security advisory.
VMware Security Advisories
http://www.vmware.com/security/advisories
https://www.vmware.com/security/advisories/VMSA-2023-0012.html