Vulnerabilities (CVE)

Filtered by vendor Vmware Subscribe
Filtered by product Vrealize Network Insight
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-20889 1 Vmware 1 Vrealize Network Insight 2024-02-04 N/A 7.5 HIGH
Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure.
CVE-2023-20888 1 Vmware 1 Vrealize Network Insight 2024-02-04 N/A 8.8 HIGH
Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution.
CVE-2022-31702 1 Vmware 1 Vrealize Network Insight 2024-02-04 N/A 9.8 CRITICAL
vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without authentication.