Admins using the VMware Aria Operations for Logs cloud analysis tool should update the application as soon as possible. Attackers could, among other things,critical“Create a root hole and, in the worst case, execute malicious code.
Dangerous root holes
As indicated by a warning message, many release threads are affected. This is a deserialization vulnerability (CVE-2023-20864). In such a case, attackers can usually run untrusted code due to bugs. It is not yet clear what that could look like in this case. However, malicious code attacks with root privileges should be possible without authentication.
In addition, the developers have a second vulnerability (CVE-2023-20865 “hoch“) closed. Here, an attacker who already has admin rights could execute their own code and compromise systems.
VMware states the security issues in the Issue 8.12 to have solved.
(of the)
