Outbreak Alert: VMware Aria Operations for Networks Command Injection Vulnerability
| Description | This outbreak alert on VMware Aria covers the vulnerability CVE-2023-20887.
CVE-2023-20887 is a critical vulnerability affecting VMware Aria Operations for Networks, formerly known as vRealize Network Insight. It involves a command injection flaw that could allow remote attackers to execute arbitrary code on the system.
This article describes the assessment of the command injection vulnerability in VMware Aria software. |
| Scope | FortiDAST Scripting Engine updated in version 24.3.a |
| Solution | Detection of this vulnerability is provided by the FortiDAST Scripting Engine (FSE).
This technology enables FortiDAST to remotely assess, with a high level of confidence, whether an asset is vulnerable to a specific vulnerability by testing the disarmed exploit against the asset itself.
To configure the scan, enable the FSE group signature 'vmware-esxi', which selects the underlying script as per the scan requirement: 'CVE-2023-20887 VMWare Aria remote code execution vulnerability.'
For reference, a step-by-step guide on how to configure FortiDAST to trigger FSE can be found on Fortinet’s blog: |
