High Threat Security Alert (A23-04-16): Multiple Vulnerabilities in VMware Aria Operations for Logs
21 April 2023
VMware has published a security advisory to address multiple vulnerabilities in VMware Aria Operations for Logs. The details of the security update can be found at: https://www.vmware.com/security/advisories/VMSA-2023-0007.html
Reports indicate that a remote code execution vulnerability (CVE-2023-20864) in VMware Aria Operations for Logs is at high risk of exploitation. System administrators are advised to take immediate actions to patch your affected systems to mitigate the elevated risk of cyber attacks.
VMware Aria Operations for Logs (formerly vRealize Log Insight)
For detailed information of the affected products, please refer to the section "Response Matrix" of corresponding security advisory at vendor's website.
Depending on the vulnerabilities being exploited, a successful exploitation could lead to remote code execution or arbitrary command injection on the affected system.
The patch for affected product is available. System administrators of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk.