CVE-2023-34051

Critical

VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into…

vmware·CWE-863·Published 2023-10-20

CVSS

9.8

EPSS

0.45

KEV

Exploits

cve.orgen

228 chars

VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.

NVDen

228 chars

NVDes

254 chars

VMware Aria Operations for Logs contiene una vulnerabilidad de omisión de autenticación. Un actor malicioso no autenticado puede inyectar archivos en el sistema operativo de un dispositivo afectado, lo que puede resultar en la ejecución remota de código.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H