VMware vCenter Server is vulnerable to out-of-bounds write (CVE-2023-34048) and partial information disclosure (CVE-2023-34056) vulnerabilities. Successful exploitation of the vulnerabilities may result in access to critical data and remote code execution.
Citrix has released patches to address two vulnerabilities (CVE-2023-4966 & CVE-2023-4967) in NetScaler ADC and Gateway. CVE-2023-4966 has been rated as critical, with a CVSS score of 9.4. Successful exploitation of the vulnerability may lead to information disclosure. CVE-2023-4967 has a high severity rating and a CVSS score of 8.2. Successful exploitation of the vulnerability … Continue reading “NetScaler Application Delivery Controller (ADC) and NetScaler Gateway Multiple Vulnerabilities (CVE-2023-4966 & CVE-2023-4967) (CitrixBleed)”
Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, is vulnerable to multiple vulnerabilities. The vulnerabilities are tracked as CVE-2023-20034, CVE-2023-20252, CVE-2023-20253, CVE-2023-20254, & CVE-2023-20262, which have medium, high, and critical severities Successful exploitation of the vulnerabilities may allow an attacker to access an affected instance or cause a denial of service (DoS) condition.
VMware has released a security advisory to address multiple critical vulnerabilities affecting Aria Operations for Networks (formerly vRealize Network Insight). CVE-2023-20887, CVE-2023-20888, and CVE-2023-20889 have been given Critical and Important Severity ratings with CVSS scores of 9.8, 9.1, and 8.8, respectively. Successful exploitation of these vulnerabilities may allow an attacker to perform command injection and/or … Continue reading “VMware Patched Multiple Critical Vulnerabilities in Aria Operations for Networks (CVE-2023-20887, CVE-2023-20888, and CVE-2023-20889)”
VMware has released a security advisory to address multiple vulnerabilities in its vRealize Log Insight product. The vulnerabilities have CVSSv3 scores ranging from 5.3 to 9.8. The vulnerabilities are being tracked as CVE-2022-31706, CVE-2022-31704, CVE-2022-31710, and CVE-2022-31711. vRealize Log Insight is used by infrastructure and applications in any environment for intelligent log management. This … Continue reading “VMware Released Patch for Multiple Vulnerabilities in VMware vRealize Log Insight (CVE-2022-31704, CVE-2022-31706, CVE-2022-31710, & CVE-2022-31711)”