From d84386101e31d6115343e1e4d95061baf972c30b Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 13 Jun 2023 22:08:59 +0530
Subject: [PATCH] Updated description

---
 http/cves/2023/CVE-2023-20887.yaml | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/http/cves/2023/CVE-2023-20887.yaml b/http/cves/2023/CVE-2023-20887.yaml
index 2c622fb302..c589954dc6 100644
--- a/http/cves/2023/CVE-2023-20887.yaml
+++ b/http/cves/2023/CVE-2023-20887.yaml
@@ -5,9 +5,8 @@ info:
   author: sinsinology
   severity: critical
   description: |
-    VMWare Aria Operations for Networks (vRealize Network Insight) is vulnerable to command injection when accepting user input through the Apache Thrift RPC interface. This vulnerability allows a remote unauthenticated attacker to execute arbitrary commands on the underlying operating system as the root user. The RPC interface is protected by a reverse proxy which can be bypassed. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
-    a malicious actor can get remote code execution in the context of 'root' on the appliance.
-    VMWare 6.x version are vulnerable.
+    VMWare Aria Operations for Networks (vRealize Network Insight) is vulnerable to command injection when accepting user input through the Apache Thrift RPC interface. This vulnerability allows a remote unauthenticated attacker to execute arbitrary commands on the underlying operating system as the root user. The RPC interface is protected by a reverse proxy which can be bypassed. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. A malicious actor can get remote code execution in the context of 'root' on the appliance. VMWare 6.x version are
+     vulnerable.
   reference:
     - https://www.vmware.com/security/advisories/VMSA-2023-0012.html
     - https://summoning.team/blog/vmware-vrealize-network-insight-rce-cve-2023-20887/
@@ -48,4 +47,4 @@ http:
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200