• Aria Operations for Logs

   

Multiple vulnerabilities in VMware Aria Operations for Logs were privately reported to VMware. Updates are available to remediate this vulnerability in affected VMware products.

VMware Aria Operations for Logs contains an authentication bypass vulnerability VMware has evaluated the severity of this issue to be in the Important Severity Range with a maximum CVSSv3 base score of 8.1.

An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.

To remediate CVE-2023-34051 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below.

None.

None.

None.

VMware Aria Operations for Logs contains a deserialization vulnerability. VMware has evaluated the severity of this issue to be in the Important Severity Range with a maximum CVSSv3 base score of 8.1.

A malicious actor with non-administrative access to the local system can trigger the deserialization of data which could result in authentication bypass.

To remediate CVE-2023-34052 apply the updates listed in the 'Fixed Version' column of the 'Response Matrix' below.

None.

None.

None.

VMware would like to thank IuHrm of Cyber KunLun for reporting this issue to us.

Fixed Version(s) and Release Notes:

VMware Aria Operations for Logs (Operations for Logs) 8.14 Release Notes

Downloads and Documentation:

https://customerconnect.vmware.com/en/downloads/info/slug/infrastructure_operations_management/vmware_aria_operations_for_logs/8_14

https://docs.vmware.com/en/VMware-Aria-Operations-for-Logs/8.14/rn/vmware-aria-operations-for-logs-814-release-notes/index.html

VMware Cloud Foundation: KB95212

Mitre CVE Dictionary Links:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34051

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34052

FIRST CVSSv3 Calculator:

CVE-2023-34051 - https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2023-34052 - https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

2023-10-19 VMSA-2023-0021

Initial security advisory.

2023-10-23 VMSA-2023-0021.1

Updated VMSA to note that VMware has confirmed that exploit code for CVE-2023-34051 has been published.

E-mail list for product security notifications and announcements:

http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:
[email protected]

E-mail: [email protected]

PGP key at:
https://kb.vmware.com/kb/1055

VMware Security Advisories
http://www.vmware.com/security/advisories

VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html

VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html

VMware Security & Compliance Blog
https://blogs.vmware.com/security

Twitter
https://twitter.com/VMwareSRC

Copyright 2023 VMware Inc. All rights reserved.