3 matches found
VMware Aria Operations for Logs 8.10.2 / 8.12 Deserialization (VMSA-2023-0021)
The version of VMware Aria Operations for Logs formerly VMware vRealize Log Insight running on the remote host is 8.10.2 or 8.12. It is, therefore, affected by a deserialization vulnerability. An unauthenticated, remote attacker with non-administrative access to the local system can trigger the...
CVE-2023-34052
VMware Aria Operations for Logs contains a deserialization vulnerability. A malicious actor with non-administrative access to the local system can trigger the deserialization of data which could result in authentication bypass...
CVE-2023-34052
CVE-2023-34052 affects VMware Aria Operations for Logs (deserialization vulnerability enabling authentication bypass). A non-administrative, local attacker can trigger deserialization to bypass authentication. VMware’s advisory VMSA-2023-0021 provides remediation: update to fixed version 8.14. Th...