Critical
VMSA-2023-0007
7.2-9.8
2023-04-20
2023-04-20 (Initial Advisory)
CVE-2023-20864, CVE-2023-20865
VMware Aria Operations for Logs (Operations for Logs) update addresses multiple vulnerabilities. (CVE-2023-20864, CVE-2023-20865)
VMware Aria Operations for Logs (eski adıyla vRealize Log Insight)
VMware Aria Operations for Logs’a ağ erişimi olan kimliği doğrulanmamış, kötü niyetli bir aktör kök olarak rasgele kod yürütebilir. Gerekli patch’leri geçmenizi tavsiye ederim.
https://customerconnect.vmware.com/en/downloads/info/slug/infrastructure_operations_management/vmware_aria_operations_for_logs/8_12