CVE-2023-34051

CVE Database · CVE-2023-34051

CVE-2023-34051

· CRITICALModified

CVSS v3.1

9.8

EPSS

44.67%

Published

Oct 20, 2023

Modified

May 2, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-863CWE-863

Affected Products (7)

vmware · aria_operations_for_logsvulnerable

References (2)

https://www.vmware.com/security/advisories/VMSA-2023-0021.html

PatchVendor Advisory

https://www.vmware.com/security/advisories/VMSA-2023-0021.html

PatchVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs