
VMware Aria’s Critical Vulnerabilities Resolved


VMware, a leading software company that provides cloud computing and virtualization software and services, has recently released updates to address vulnerabilities in its VMware Aria Operations for Networks product. The company issued an advisory regarding three vulnerabilities, identified as CVE-2023-20887, CVE-2023-20888, and CVE-2023-20889, which allowed for remote code execution and data breaches. These vulnerabilities ranged from critical to high severity and needed immediate action to avoid exploitation by hackers or cybercriminals.

One of the vulnerabilities, identified as CVE-2023-20887, was rated critical with a CVSS score of 9.8. This flaw, if exploited, would allow hackers to execute code remotely on unpatched software. The second vulnerability, CVE-2023-20888, had a CVSS score of 9.1 and was a deserialization vulnerability that could be leveraged for remote code execution. The third vulnerability, CVE-2023-20889, had a high-severity rating with a CVSS score of 8.8. Hackers could perform command injection attacks and steal sensitive data by exploiting this vulnerability.

To address the vulnerabilities, the company immediately released patches and updates for VMware Aria Operations for Networks. VMware customers were advised to apply the patches as soon as possible to avoid exploitation by cybercriminals. The company’s Customer Connect page provided detailed steps on how to apply the patches, which should be followed correctly to avoid any further issues. The patches were made available for 6.x versions, and the vulnerabilities have since been remediated in versions 6.2, 6.3, 6.4, 6.5.1, 6.6, 6.7, 6.8, 6.9, and 6.10.

According to the Hacker News report, “There are no workarounds that mitigate the issues,” which further emphasizes the need to apply the patches. The report also highlighted the seriousness of the vulnerabilities, which pose a significant risk of data breaches and remote code execution if not addressed as soon as possible.

Applying the patches involves a few steps. Customers start by opening the patch page for their specific build number, as listed on the company’s Customer Connect page, then download the updated patch file, save it on the local system, and log in to the vRealize Network Insight GUI as an Administrator. After going to Settings and choosing Install and Support, then Overview and Updates, customers select the “click here” option, click Browse, select the saved patch file, and click Upload. The bundle then processes in the background, and customers are advised not to change tabs or open any other window during the patching process.

If the session is interrupted, the same upload steps must be followed again. The next steps are to select View details, read the Before You Proceed details, click Continue, and click Install Now, which is the final step of the update.

In conclusion, timely updates and proper patch management are essential in mitigating risks posed by vulnerabilities. VMware customers must ensure that they have applied the patches promptly to avoid falling victim to cybercriminals or hackers. The company’s prompt response to address the vulnerabilities is commendable and underlines the importance of cybersecurity as a priority in today’s digital age.
