VMware Aria Operations for Logs (formerly vRealize Log Insight) contains a deserialization vulnerability. An
unauthenticated, malicious actor with network access to VMware Aria Operations
for Logs may be able to execute arbitrary code as root.
The affected version is 8.10.2, it is recommended to upgrade to 8.12
add plugin vmware_aria_operations_for_logs_cve_2023_20864
Hey,
this PR for the Vuln Detector Plugin for issue: https://github.com/google/tsunami-security-scanner-plugins/issues/325
Description of Vulnerability
VMware Aria Operations for Logs (formerly vRealize Log Insight) contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
The affected version is 8.10.2, it is recommended to upgrade to 8.12
Related Articles:
https://www.zerodayinitiative.com/blog/2023/6/29/cve-2023-20864-remote-code-execution-in-vmware-aria-operations-for-logs
https://github.com/advisories/GHSA-8xj6-cxx5-jf7j
setup environment
VMware officially provides ova images, which can be installed directly using VMware WorkStation. Here is the vmware installation process https://blog.csdn.net/sgj584520/article/details/119797665 https://thesleepyadmins.com/2020/12/27/vmware-vrealize-log-insight-install-and-configure/ https://www.iwadmin.info/2022/07/vrealize-log-insight-88-step-by-step.html#google_vignette