CVE-2023-34051

VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution...

The vulnerability of VMware Aria Operations for Logs, a tool for analyzing network logs, stems from the lack of security measures taken to protect the website structure. This vulnerability allows attackers to inject and execute arbitrary code in users’ browsers, within the context of the vulnerable website.

The vulnerability of the VMware Aria Operations for Logs network log analysis tool exists due to the lack of security measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject and execute arbitrary code into the user’s browser context throug...

The vulnerability of the VMware Aria Operations for Logs network log analysis tool, related to the restoration of unreliable data in memory, allows a perpetrator to escalate their privileges.

The vulnerability of the VMware Aria Operations for Logs network log analysis tool is related to the restoration of unreliable data in memory. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

CVE-2023-34052

VMware Aria Operations for Logs contains a deserialization vulnerability. A malicious actor with non-administrative access to the local system can trigger the deserialization of data which could result in authentication bypass...