Initiatives pour
En tant qu'autorité nationale en matière de cybersécurité, le CCB a développé plusieurs initiatives destinées à des publics spécifiques, qui sont présentées ici.
Warning: Poc released for Critical vulnerability in the VMware Aria Operations for Logs analysis tool, Patch Immediately!
Image
Publié : 11/07/2023
Reference:
Advisory #2023-78
Version:
1.0
Affected software:
VMware Aria Operations for Logs, versions 8.12, 8.10.2, 8.10, 8.8.x, 8.6.x
VMware Cloud Foundation (VMware Aria Operations for Logs), version 4.x
Type:
Deserialization vulnerability leading to Remote Code Execution
CVE/CVSS:
CVE-2023-20864 / 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
Sources
https://www.vmware.com/security/advisories/VMSA-2023-0007.html
Risks
VMware Aria is an unified management solution for cloud native applications and multi-cloud environments.
An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
The vulnerability has a HIGH impact on Confidentiality, Integrity, and Availability. Authentication, and user interaction are not required to exploit this vulnerability.
Exploit code for this vulnerability is now publicly available, this increases the risk on imminent exploitation.
Description
CVE-2023-20864: Deserialization vulnerability VMware Aria Operations for Logs contains a deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Logs can execute arbitrary code as the ROOT user on vulnerable systems.Recommended Actions
The Centre for Cyber Security Belgium strongly recommends system administrators to visit VMWare’s Customer Portal to download and install the patched versions of this software.
VMWare Customer Portal: https://customerconnect.vmware.com/en/downloads/info/slug/infrastructure_operations_management/vmware_aria_operations_for_logs/8_12