admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-07 05:26:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
GobyVuls/CVE-2023-20887.md
Goby 0f263671d5
Create CVE-2023-20887.md 
add CVE-2023-20887
2023-06-25 18:08:35 +08:00

13 lines
1.6 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

## VMware VRealize Network Insight resttosaasservlet Remote Command Execution Vulnerability (CVE-2023-20887)
| **Vulnerability** | **VMware VRealize Network Insight resttosaasservlet Remote Command Execution Vulnerability (CVE-2023-20887)** |
| :----: | :-----|
| **Chinese name** | VMware VRealize Network Insight resttosaasservlet 远程命令执行漏洞CVE-2023-20887 |
| **CVSS core** | 9.8 |
| **FOFA Query** (click to view the results directly)| [title="VMware vRealize Network Insight" \|\| body="vneraapp/assets/fonts/bootstrap/glyphicons-halflings-regular" \|\| title="Operations for Networks"](https://en.fofa.info/result?qbase64=dGl0bGU9IlZNd2FyZSB2UmVhbGl6ZSBOZXR3b3JrIEluc2lnaHQiIHx8IGJvZHk9InZuZXJhYXBwL2Fzc2V0cy9mb250cy9ib290c3RyYXAvZ2x5cGhpY29ucy1oYWxmbGluZ3MtcmVndWxhciIgfHwgdGl0bGU9Ik9wZXJhdGlvbnMgZm9yIE5ldHdvcmtzIg%3D%3D) |
| **Number of assets affected** | 32 |
| **Description** | VMware Aria Operations is a unified, AI-driven autonomous IT operations management platform from VMware Inc. It is designed for private cloud, hybrid cloud, and multi-cloud environments.A security vulnerability exists in the /saas./resttosaasservlet component of VMware Aria Operations Networks 6.x series versions, which allows attackers to execute command injection attacks and subsequently result in remote code execution. |
| **Impact** | A security vulnerability exists in the saasresttosaasservlet component of VMware Aria Operations Networks 6.x series versions, which allows attackers to execute command injection attacks and subsequently result in remote code execution. |
![](https://github.com/jwy456829/Goby/blob/master/CVE-2023-20887.gif)
Reference in New Issue View Git Blame Copy Permalink