Skip to main content

VMware Aria Operations for Logs Multiple Vulnerabilities

Release Date: 25 Oct 2023 4325 Views

RISK: High Risk

TYPE: Operating Systems - VM Ware

TYPE: VM Ware

Multiple vulnerabilities were identified in VMware Aria Operations for Logs. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and security restriction bypass on the targeted system.

 

Note:

Proof of Concept exploit code is publicly available for CVE-2023-34051.

vRealize Log Insight (now known as VMware Aria Operations for Logs)


Impact

  • Denial of Service
  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • VMware Aria Operations for Logs 8.x
  • VMware Cloud Foundation 5.x, 4.x

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:


Vulnerability Identifier


Source


Related Link