CVE-2023-20877: 
VMware vRealize Operations Manager vulnerability analysis and mitigation

CVE-2023-20877 is a privilege escalation vulnerability affecting VMware Aria Operations (formerly vRealize Operations). The vulnerability was discovered and reported by Y4er of 埃文科技, with the initial advisory published on May 11, 2023. The affected systems include VMware Aria Operations versions 8.10.x and 8.6.x, as well as VMware Cloud Foundation 4.x (VMware Advisory).

The vulnerability has been assigned a CVSSv3 base score of 8.8, categorized as 'Important' severity. The vulnerability allows an authenticated user with ReadOnly privileges to perform code execution leading to privilege escalation. The attack vector is network-accessible with low attack complexity, requiring low privileges and no user interaction (VMware Advisory, NVD).

If exploited, this vulnerability enables an authenticated attacker with ReadOnly privileges to execute arbitrary code and escalate their privileges within the system. Over 27 public-facing internet-exposed assets have been identified as potentially vulnerable to this vulnerability (Cyble).

VMware has released patches to address this vulnerability. Organizations running VMware Aria Operations 8.10.x should upgrade to 8.10 Hot Fix 4, while those running version 8.6.x should upgrade to 8.6 Hot Fix 10. For VMware Cloud Foundation 4.x users, the fix is available through KB92148. No workarounds are available, making patch application the only remediation option (VMware Advisory).