Summary
VMware has released security updates to address 5 vulnerabilities, 2 of which are “high” severity, in Aria Operations and Cloud Foundation.
Risk
Estimate of the vulnerability’s impact on the reference community: Medium (64.74)
Type
- Information Disclosure
Affected products and/or versions
VMware
- Aria Operations 8.x, versions prior to 8.18.3
- Aria Operations for Logs 8.x, versions prior to 8.18.3
- Cloud Foundation 5.x
- Cloud Foundation 4.x
Mitigation actions
In line with the vendor’s statements, it is recommended to apply the available mitigations following the indications reported in the security bulletin in the References section.
Below are only the CVEs related to the vulnerabilities with “high” severity:
References
1This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, diffusion of the affected software/devices in the reference community.
