.. / CVE-2023-20864

Exploit for VMware Aria Operations for Logs - Unauthenticated Remote Code Execution (CVE-2023-20864)

Description:

VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.

Nuclei Template

View the template here CVE-2023-20864.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-20864.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-20864
https://github.com/Threekiii/CVE
https://www.vmware.com/security/advisories/VMSA-2023-0007.html