VMware Aria Operations for Logs Multiple Vulnerabilities

Release Date: 25 Oct 2023 4178 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - VM Ware

TYPE: VM Ware

Multiple vulnerabilities were identified in VMware Aria Operations for Logs. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and security restriction bypass on the targeted system.

 

Note:

Proof of Concept exploit code is publicly available for CVE-2023-34051.

vRealize Log Insight (now known as VMware Aria Operations for Logs)

Impact

  • Denial of Service
  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • VMware Aria Operations for Logs 8.x
  • VMware Cloud Foundation 5.x, 4.x

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Related Link

Related Tags

VMwarevRealizeRemote Code ExecutionSecurity Restriction BypassProof of Concept

Share with

Previous

Cisco IOS XE Escalation of Privilege Vulnerability

17 Oct 2023 5662 Views

Next

Google Chrome Remote Code Execution Vulnerability

25 Oct 2023 4220 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY